Raw IDS events are stored by Alert Logic® for six months. This is also the case for any event that is appended to an incident that is escalated. However, while the raw event will expire at six months, the interpretive analysis (correlation analysis; manual analyst commentary) will remain in storage and accessible in the Alert Logic console in perpetuity for the life of that account.
Articles in this section
- Why doesn't the Alert Logic Scan Engine report SWEET32 on Apache servers?
- Can customer data in United States data centers be accessed by UK resources?
- How is access to data controlled?
- How is customer data stored and protected?
- How is data from multiple IT environments aggregated?
- How is data stored within Alert Logic?
- How is data transported from the customer environment to Alert Logic?
- What are Alert Logic’s data retention capabilities?