Data Retention in your Google SecOps account
By default, Google retains twelve months of your data in your Google Security Operations account. This retention period can be extended as part of your Purchase Order. The retention period applies to all of the data in your Google SecOps instance. For example, you can't modify the data retention policy for a specific log type.
Google uses an automated system to remove historical data based on event and detection timestamps.
View your data retention start date in Google SecOps
The Data Retention page is a read-only section within the SIEM settings that shows the date when data retention began for your account.
To view your data retention start date, follow these steps:
In the navigation bar, select Settings and click SIEM Settings. The SIEM Settings page displays all settings relevant to SIEM.
Under Environment, click Data Retention.
The Data Retention page displays the retention start date in yyyy-mm-dd format.
For more information on data retention, see View data retention in your Google SecOps account.
The SIEM Settings page displays all settings relevant to SIEM. Under Environment, click Data Retention.
To learn about where data in the Google SecOps account is stored, see SecOps service locations.
For more information, see Google SecOps pricing.
Need more help? Get answers from Community members and Google SecOps professionals.