How long are my events stored?

As of May 15, 2017, the event retention period is 32 days. Customers requiring a longer duration event retention period should consider exporting events to an external SIEM. For more information, see Forward Deep Security events to an external syslog or SIEM server .

Event history is retained for:

  • Anti-malware events
  • Application control events
  • Firewall events
  • Integrity monitoring events
  • Intrusion prevention events
  • Log inspection events
  • Web reputation events
  • System events

To view your events, in Deep Security Manager, go to Events & Reports.