Data retention periods
Updated 8 months ago
by
admin
The following table describes the standard Data Retention Period per product available in Unified Security Service.
Product | Retention Period |
Web Security (including Gateway Anti-malware and Image Analysis) | 3 months |
Cloud Application Control Broker (API mode) | 3 months |
Cloud Application Control Broker (Inline mode) | 1 year |
Email Security | 3 months |
Multi-Factor Authentication (Legacy) | 1 year |
Cloud Multi-Factor Authentication (powered by Entrust) | 3 months |
Audit | 1 month |
ASE Events | 3 months |
What happens after the retention period ?
After the retention period the old data is automatically archived and made available to download from the Report Archives section in CSV format.
Products marked with an * are not currently automatically archived.
How much data does a Log Archive contain?
The default is one day worth of log data per archive file. This can be changed by contacting your service provider. Log archives start to be generated at the end of the retention period for the product.
Can the Retention Period be extended ?
Yes, please contact your service provider. Increasing the retention period may incur additional charges.
How far back can I query log data in the dashboard?
You can query log data within the last 90 days, however please note that it may not be feasible to return all the results on a large data set. Always try and specify as many criteria as possible to narrow down your search. Some data sets have the ability to easily return millions of rows for a short period of time (Excel can only open files with less than 1M rows). Also consider Log Streaming as an option.