---
title: "Backup for Audit Log"
slug: "fortanix-dsm-backup-for-audit-log"
updated: 2026-04-01T07:32:05Z
published: 2026-03-17T16:11:06Z
canonical: "support.fortanix.com/fortanix-dsm-backup-for-audit-log"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://support.fortanix.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Backup for Audit Log

## 1.0 Introduction

This article describes the Fortanix-Data-Security-Manager (DSM) audit log backup procedure. By default, audit logs are backed-up as part of the protected Cassandra backup. But many audit logs could increase the time taken to backup and might require large space for each backup.

## 2.0 Backing Up the Audit Log

Perform the following steps to create the storage accounts and containers for backing up the cluster data to configure the audit log backup:

> [!NOTE]
> NOTE
> 
> By default, all the CRON jobs schedules are in the UTC time zone.

1. You can create a separate audit log only backup job that can run on its own schedule and backup destination. Update the following parameters in the `config.yaml` file:
  - For Fortanix DSM version 3.27 and above:

```bash
backup:
  cron_schedule: 10 * * * *
  backup_mode: snapshot
  exclude_auditlog: true
  scp:
    server_ip: xx.xxx.xxx.xxx
    username: administrator
    password: ********
    path: /home/administrator/backup
auditBackup:
  cron_schedule: 0 * * * *
  backup_mode: snapshot
  scp:
    server_ip: xx.xxx.xxx.xxx
    username: administrator
    password: ********
    path: /home/administrator/backup
```
  - For Fortanix DSM version 4.6 and above, add the `authmode: password/private key` parameter:

```bash
 backup:
  cron_schedule: 10 * * * *
  backup_mode: snapshot
  exclude_auditlog: true
  scp:
    server_ip: xx.xxx.xxx.xxx
    authmode: password
    username: administrator
    password: ********
    path: /home/administrator/backup
auditBackup:
  cron_schedule: 0 * * * *
  backup_mode: snapshot
  scp:
    server_ip: xx.xxx.xxx.xxx
    authmode: password
    username: administrator
    password: ********
    path: /home/administrator/backup
```

> [!NOTE]
> NOTE
> 
> The value for `authmode` parameter can be either `password` or `privatekey`. However, it is recommended to set the value as `privatekey`.

### 2.1 Setting or Patching a Kuberenetes Secret

The following steps explain the method to set a Kubernetes secret:

1. In the `ssh-secret-patch.yaml` created in “*Section 2.1: Setting or Patching a Kubernetes Secret” in the*[*Data Security Manager Backup and Restore Guide for Passwordless Based Using SCP*](/v1/docs/fortanix-dsm-backup-for-audit-log#21-setting-or-patching-a-kuberenetes-secret)*guide*, update the value of `name` parameter under `metadata` to `secret-ssh-audit-auth`.

```bash
backup:
apiVersion: v1
data:
  ssh-privatekey: "PRIVATEKEY"
kind: Secret
metadata:  
  name: secret-ssh-audit-auth
  namespace: default
type: kubernetes.io/ssh-auth
```
2. Run the following command to patch the Kubernetes secret object:

```bash
kubectl patch secret secret-ssh-audit-auth --patch "$(cat ssh-secret-patch.yaml)"
```

> [!NOTE]
> NOTE
> 
> To schedule the audit log and normal backups at different times to avoid contention, update the `cron_schedule`.

For example,

```bash
cron_schedule: "0 4 0 * * *" # Run once a week at 2am
```
3. From the Fortanix DSM version 4.16 and above, run the following command to configure audit log based backup and paste the private key when requested:

```bash
sdkms-cluster secret set secret-ssh-audit-auth
```

*For steps to disable the backup configuration, refer to*[*Disable Backup Configuration*](/v1/docs/introduction-to-fortanix-dsm-backup-and-restore#60-disable-backup-configuration)*.*

Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.

Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.

## Related

- [Port Requirements](/fortanix-data-security-manager-port-requirements.md)
- [Logging](/fortanix-armor-log-management.md)