This article describes how logs are archived and how some of the parameters may be customized in Airlock 4.1 and newer.
Airlock stores its log files in two partitions, /data and /archive. As soon as the usage in /data exceeds a certain limit (70%) or when the log files exceed a certain age (182 days), the corresponding log files are moved (and compressed) from /data to /archive to ensure enough capacity is available in /data. Once the files are moved to /archive, they are kept there until the capacity reaches 70% or the files are older than 365 days, then they are deleted.
These limits should suit most system configurations. However if you have a high traffic system with small harddrives, there might not be enough space left (those 30% of /data) to store full logs of the current day. In this case you need to adjust the settings to your own values as follows:
Example:
df -k
root@airlockhost:/[49] # df -k
/dev/md/dsk/d40 45961994 43637353 45455577 96% /data
This means on the current day you have allready log data of 96 - 70 = 26% of the file system's capacity.
If this happens mid-day, then the total amount of expected daily log data would be ~50% of the /data partition's capacity. To be safe, you set DATA_MAX_DISKPACE_USED=40.
This means 60% of /data are kept free and you have enough space to store those 50% that are required every day.