Define log retention
Hi Community,
I'm quite surprised that I'm unable to answer a simple customer question:
How can I set a log retention time on the SmartLog/SMS server?
If I remember right, in R77.x there was a setting on the SMS object > Logging where a count of days could be defined to say: 'delete everything older than 30 days' or similar.
I cannot find anything about this in the R80.20 admin guides.
Can anybody help me out here?
The same goes for the Database Revision Controls - can I limit them to e.g. 10 versions?
Is there a comfortable way to delete 30 of them in one command?
Best Regards
Johannes
Accepted Solutions
Hi Johannes,
Regarding the Log Retention by Days option you're requesting:
We're currently working on it. Hopefully it'll be available in the next upcoming version or two.
Stay tuned...
The truncation of the old logs is configured here:
And the index retention is configured at the bottom of the screenshot above.
You can read this short write-up by me here:
for additional information about logging in R80++.
@Vladimir: thanks for your reply, but that doesn't answer my question.
I've never seen a data retention policy from a legal department which says we will need to store logs for 5GiB long.
Typically there is a duration of 30 or 60... days defined.
Isn't there a way to configure that with Check Point?
The market leader is able to do that - shouldn't be that hard:
The same goes for database revision backups
Looking forward to your input
@Johannes_Schoen, the size and the percentage of space are predictable values; the duration is not, as it is dependent on the volume of logging, which may vary drastically based on the complexity of your policy, number of users, depth of logging and numerous other factors.
Your management server may not even be capable of retaining said 30 days of logging, in which case this setting will be moot.
This said, there is some discussion going on about merits of enabling it and improving the logging configuration:
There are also two workarounds mentioned, one script-based and another using GUIDBEDIT.
Yet another option is rotating files at midnight and forwarding them to an external server.
Forwarding will be purging local logs.
You are still stuck with the retention limit problem on the target server though.
How to obtain the "checkpoint daily logs retention configuration" using a command in clish mode?
Thanks in advance
Hi Johannes
Hitting F1 while in SmartDashboard (this part is the 'old' SmartConsole) opens up the help window (attached).
Having said that, I agree it should be part of the admin guide.
Thanks,
Uri
@Uri_Lewitus: thanks for your reply, but the issue with the retention stays the same.
@Vladimir: I know that it's hard to calculate logs in advance, but other vendors got the same issue.
I guess this customer will be open to muddle things the dirty way by scripting a cron job - but this is an unacceptable way.
What do you do, if you have a big customer Check Point vs Palo Alto and this is a base requirement?
Manual scripting won't be satisfying - would cron-jobs be upgrade-persistent?
And I want to steer the questions as well regarding the revision control (same issue).
I found a mgmt_cli command to set a limit to e.g. 30 files - is this a permanent setting or do I need to rerun this command every few days? Is this command documented in an official document? I don't want to tell the customer it's written in a forum.
@Johannes_Schoen, the issue of log retention based on duration as a decisive deal breaker has not come up in the past four years that I've been involved with the client-facing practice. Not saying it is not needed, but that I have not run into it.
As to revision retention, there are no longer files as there were in R77 and prior versions, they are database records detailing changes. I am still uncertain as to the reason for purging these, but if you can explain it to me, perhaps I'll see the light 🙂
Well, that was just an example - I still think this is a base requirement for every big system that creates log files, and that setting was present in R77.30.
Regarding revision control: Where is it written that the versions are database records? The log partition is filling up and from my view there are 2 major factors: log files and database revisions which could be responsible for that.
Hi Johannes,
Regarding the Log Retention by Days option you're requesting:
We're currently working on it. Hopefully it'll be available in the next upcoming version or two.
Stay tuned...
@Dror_Aharony: Okay, thanks for your response - then we need to wait.
Can you tell me if 'mgmt_cli purge-published-sessions number-of-sessions-to-preserve "20"' will limit the files permanently to 20 versions or just delete all >20 on a one-time basis?
Hey,
It will leave 20 revisions on a one-time basis.
After the command finishes, new revisions will be created, even over 20.
There’s no way to permanently limit the number of revisions from the API (or any other way AFAIK).
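An added example, not part of the original thread and not Check Point's own tooling: a sketch of the script-based workaround and cron job discussed above, pairing age-based pruning of rotated logs with a repeated run of the one-time revision purge. The log directory, the file-name pattern, the "-r true" login and the "--cron" entry point are assumptions.

```shell
#!/bin/bash
# Added example, not from the thread. Assumptions: rotated logs sit in
# $FWDIR/log as YYYY-MM-DD_HHMMSS.log plus pointer files sharing that prefix;
# the active fw.log does not match the pattern and is never touched.
ROTATED_GLOB='[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]_[0-9]*.log*'

# prune_logs_by_age DIR DAYS [--delete]
# Prints rotated log files at least DAYS days old; removes them only with --delete.
prune_logs_by_age() {
    local dir="$1" days="$2" mode="${3:-}"
    case "$days" in
        ''|0*|*[!0-9]*) echo "retention days must be a positive whole number" >&2; return 2 ;;
    esac
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 2; }
    # find counts age in whole 24h units, so "+(DAYS-1)" means ">= DAYS days".
    set -- "$dir" -maxdepth 1 -type f -name "$ROTATED_GLOB" -mtime "+$((days - 1))" -print
    [ "$mode" = "--delete" ] && set -- "$@" -delete
    find "$@"
}

# purge_old_revisions KEEP [--run]
# Composes the purge command quoted in the thread; it trims once and sets no
# standing limit, so the job repeats it. "-r true" (local root login on the
# management server) is an assumption about how the job authenticates.
purge_old_revisions() {
    local keep="$1" mode="${2:-}"
    case "$keep" in
        ''|0*|*[!0-9]*) echo "revision count must be a positive whole number" >&2; return 2 ;;
    esac
    set -- mgmt_cli -r true purge-published-sessions number-of-sessions-to-preserve "$keep"
    if [ "$mode" = "--run" ]; then "$@"; else echo "$*"; fi
}

# Cron entry point, e.g. "retention.sh --cron" once a night (hypothetical name).
# Cron starts with a minimal environment, so FWDIR must be exported by the caller.
if [ "${1:-}" = "--cron" ]; then
    prune_logs_by_age "${FWDIR:?}/log" "${RETENTION_DAYS:-30}" --delete
    purge_old_revisions "${KEEP_REVISIONS:-20}" --run
fi
```

Without --delete or --run both functions only report what they would do, which lets the retention window be checked against the customer's policy before anything is removed.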
