Jan 31 2022 03:16 AM
Hi,
I'm testing out Microsoft Sentinel with a couple of Use Cases to prove it's value internally. I was also looking for an Incident Management Platform and considering RTIR for our case management. But Sentinel has most of the stuff we need for starting with case management.
My question is if the incidents we manage are retained forever or if they are aligned with the Log retention period (which now I have 90 days)? That would make a huge difference on using Sentinel for case management as well.
Thanks
Jan 31 2022 03:20 AM
Jan 31 2022 04:03 AM
Jan 31 2022 04:04 AM
Jan 31 2022 05:12 AM