Which logs are likely subject to an automatic deletion policy?

The answer highlights the comprehensive nature of the automatic deletion policy as it applies to various types of logs managed by FortiAnalyzer. Automatic deletion policies are designed to manage storage effectively by removing logs that are no longer needed, thus preventing the system from running out of space and ensuring it remains efficient.

In this context, all log files generated by the FortiAnalyzer system, which include system logs, analytical logs, and archived logs as well as any quarantined files, can be subject to deletion policies. This means that logs that are not actively needed for analysis or reporting purposes may be automatically erased after reaching a certain retention period or under specific disk space thresholds.

By encompassing all log types, the automatic deletion policy provides a robust means of maintaining optimal performance and resource management for the FortiAnalyzer, ensuring that the most relevant and current data remains accessible while older or less critical data is regularly purged.

This comprehensive approach is particularly critical for organizations that generate large volumes of log data. It helps ensure that the system can absorb ongoing data intake without becoming sluggish or overwhelmed, which would be problematic for operational continuity and security monitoring.