Does SailPoint or IdentityNow have a solution for clients that want to maintain audit records past 5 years? I am looking for a script or best practice that describes how to automatically roll off audit logs for retention purposes.
thanks
Hi Doug,
The audit information can be retained past 5 years but it will depend on the justification provided to Sailpoint Team.
Can you please raise a support ticket and ask your CSM about the same. He will help you out with the process
Thanks Rakesh, I am looking for suggestions on how to manage audit data 6 years old and farther out. I was hoping SailPoint had some procedure or best practice documentation on how to export the audit data so that my client can maintain the > 5-year-old audit information on their servers.
My recommendation would be to use something like the Splunk AuditEvent add-on or something similar and dump it into your SIEM.
SailPoint IdentityNow AuditEvent Add-on for Splunk - Installation and User Guide - Compass
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.