1. Overview

Prisma Cloud caps the size of some data collections to prevent misconfigured or noisy systems from consuming all available disk space and compromising the availability of the Console service.

The following limits are currently enforced in Console’s database. If you must retain all audits, consider configuring Console to send audits to syslog, and then forward audits to a log management system for long term storage.

Collection Cap

Jenkins plugin and twistcli scan reports

5000 scan reports or 500 MB (whichever limit is hit first)

Access audits

100K audits or 50 MB (whichever limit is hit first)

Kubernetes audits

100K audits or 50 MB (whichever limit is hit first)

Admission audits

100K audits or 50 MB (whichever limit is hit first)

Log inspection events

100K audits or 50 MB (whichever limit is hit first)

File integrity events

100K audits or 50 MB (whichever limit is hit first)

Host activities

100K audits or 50 MB (whichever limit is hit first)

Host history

100K audits or 50 MB (whichever limit is hit first)

Container runtime audits

25K audits or 50 MB (whichever limit is hit first)

Host runtime audits

25K audits or 50 MB (whichever limit is hit first)

Serverless runtime audits

25K audits or 50 MB (whichever limit is hit first)

WAAS for containers events

200K audits or 200 MB (whichever limit is hit first)

WAAS for hosts events

200K audits or 200 MB (whichever limit is hit first)

WAAS for serverless events

200K audits or 200 MB (whichever limit is hit first)

WAAS for app-embedded events

200K audits or 200 MB (whichever limit is hit first)