Comprehensive and Detailed Explanation From FortiSOAR 7.3 Exact Extract study guide:

According to the FortiSOAR 7.3 Administration Guide under the "Audit Logs" and "Role-Based Access Control (RBAC)" sections, managing the lifecycle of system logs requires elevated administrative privileges.

To perform a manual purge of audit logs, the system validates permissions across two specific areas:

Audit Log Activities Module:The user must haveDeletepermissions on this specific module because it is the repository where the actual log records are stored. Without "Delete" rights here, the application cannot remove the database entries.

Security Module:Because the purging of audit logs is a sensitive security operation that affects the system's accountability trail, FortiSOAR requires theDeletepermission on theSecuritymodule. This acts as a secondary administrative guardrail to ensure only authorized security administrators can permanently remove audit trails.

Permissions on thePeopleorUsersmodules (Options C and D) are used for managing user profiles and account attributes, but they do not grant the authority to manipulate system-level audit databases.