PingOne Advanced Services

November 2024

Platform version: 1.19.2.0. Updated November 21, 2024.

In this platform version:

These applications are also included:

Indexed log file retention policy change

Info

With the release of platform version 1.19.0.0, we announced that we’ve replaced Elasticsearch with OpenSearch because OpenSearch provides a larger and more innovative feature set. As part of the 1.19.2.0 log adjustments, we will now have indexed logs available for a rolling 30-day window. This change will be rolled out to all platform versions of P1AS starting on Feb 1st. Log files older than 30 days will be unavailable and will remain in our internal archive.

Many of you have your own Security Information and Event Management (SIEM) systems and your own ways of storing, indexing, and searching your log files, so you won’t be affected by this change. The same is true if you receive a copy of your logs through a customer endpoint. Your log files can remain on your endpoint systems for the amount of time specified in your retention policies.

Otherwise, this change in policy means that:

  • If you’re upgrading to version 1.19.2.0, your Elasticsearch data will not be directly migrated into OpenSearch. Instead, only new logs will be processed after the upgrade and be available in your new OpenSearch dashboard when the upgrade is complete.

  • If you’re using platform version 1.19.0.0, this change will occur on February 1, 2025. On that day, you’ll notice that your Kibana or OpenSearch dashboards will only display indexed log files for a rolling 30-day window.

If you want to have indexed log files for more than 30 days, we recommend that you add your own customer-managed endpoint, or use your own SIEM system to store and manage your log files.

To have your logs sent to a SIEM system or other customer endpoint, submit a service request through the Support Portal. Learn more about submitting this type of request in Platform service requests > SIEM integration.