For regulatory purposes we have to start retaining CM audit / history logs. Can anyone share how they've done this? I see in the /var/logs/ecs there are 3 command history files, which look to be 1 month each. They are also associated to the root account. How would I gain access, and offload these regularly ?