Share via

Cloud App Security & Sentinel Data Retention Storage

Anonymous
2021-01-20T16:33:19.457+00:00

Hi,

I have deployed Cloud App Security & Sentinel to my environment and have reviewed the retention periods. I would like to keep the information for longer than Microsoft store it. Are there any documents or best practice guidance of how to move the information out of these platforms into long term storage.

Regards
Ben

Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Sentinel
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. JamesTran-MSFT 36,906 Reputation points Microsoft Employee Moderator
    2021-01-20T21:56:28.08+00:00

    @bc-consultancy
    Thank you for your post!

    When it comes to increasing your Azure Sentinel data retention, I found some Tech Community blogs that will detail how logs from a Log Analytics workspace can easily be moved into long-term cold storage in order to comply with retention standards as well as reduce cost.

    Using Azure Data Explorer for long term retention of Azure Sentinel logs
    Move Your Azure Sentinel Logs to Long-Term Storage with Ease

    I hope this helps, if you have any other questions, please let me know.
    Thank you!

    Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.