The Alert Logic® command line interface (CLI) can be used to determine the log retention period for your account. This query works for customers with Alert Logic Professional or Enterprise in the Managed Detection & Response (MDR) platform, as well as for Alert Logic Cloud Defender and Log Manager® customers.
To use this query, you must first download and install the Alert Logic CLI and add your credentials.
Note: Alert Logic Cloud Defender and Log Manager customers can also view their log retention period in the Alert Logic console at the Support menu () > Support.
Determine Your Retention Period
To determine your log retention period, execute:
alcli --query entitlements subscriptions get_entitlements --product_family log_data_retention --account_id accountID
For example:
alcli --query entitlements subscriptions get_entitlements --product_family log_data_retention --account_id 12345678
Sample output:
[
{
"account_id": "12345678",
"end_date": 1893456000,
"id": "95CB2C05-3917-4D58-6084-17AA6061C3F8",
"product_family": "log_data_retention",
"status": "active",
"subscription_id": "E4D22FC8-BE22-5FF9-C91F-B499559AED76",
"value": 24,
"value_type": "months"
}
]
In this output, the “value” and “value_type” display the retention period, such as 24 months in this example. If no value displays, the log retention period is the default of 13 months.
Comments
0 comments
Please sign in to leave a comment.