Archives

Horizon has the capability to archive (extract) and purge (remove) the following elements:

  • Events: events older than a finite duration. For example, it is possible to enforce a retention of 3 months (90 days) of events in the database

  • Certificates: expired certificates according to a filter expressed using HCQL. For example, all expired certificates on a certificate profile

Archiving and purging can be performed for various reasons, the main being:

  • GDPR compliance: certificates and events may contain data that falls under the GDPR regulation

  • performances: the volume of expired certificates and events may have impact on the performance of the database, specifically in the certificate dashboard and the event search

Data are archived through parquet file. Parquet is a perfect choice for archiving data for the following reasons:

  • It is a standard format and offer broad compatibility with many data reading tools

  • It offers strong compression capability

As of now, archives can be stored:

  • In the MongoDB database using gridFS (default) _ In a S3 bucket (require advance configuration, please refer to the following documentation section)

How to configure Archives

1. Log in to Horizon Administration Interface.

2. Access Archives from the drawer or card: Archives.

3. Click on Add report.

4. Fill in the mandatory fields.

General

  • Name* (string input):
    Enter a meaningful archive name. It must be unique.

  • Filename* (string input):
    Enter the file name. It must be unique on your storage.

By default archive storage is the mongo database for on premise instances. Horizon also supports S3, see the Advanced configuration guide to configure it.

  • Type* (select):
    Select the archive type:

    • certificate

    • event

  • Certificate

  • Event

  • Archive Keys* (boolean):
    If enabled, escrowed private key will be added to the archive (encrypted).

  • Filter (string input):
    The HCQL filter to apply to the archive.

  • Before* (date):
    Date before which to archive events. By default, only events older than 3 months are eligible for archiving.

5. Click on the save button.

Archive actions

Once an archive has been created, several actions are available:

  • Retry archive Retry in case of failure

  • Download archive Download the archive parquet file

  • Cancel archive Cancel the archive. This will restore archived certificates as well as delete the archive file

  • Delete archive Delete the archive. This is only available after a security period has passed. This period is 7 days by default but can be overridden

Archive deletion does NOT delete archives if using another storage backend than gridfs.