Apr 24 2017 02:03 AM
A search in audit log cannot past the date the audit log was activated. But how long will the data in audit log been kept? Will it be possible in 2022 to search for activities that happened in 2016?
Apr 24 2017 11:38 AM
The audit log events under the Security and Compliance Center in general are kept for 90 days. If you need more, you need to export/store them on your own, or use a 3rd party tool that does that. Using ASM gives you 180 days, at additional cost.
Apr 25 2017 12:33 AM
Thanks for you feedback, Vasil. But if I don't understand why I can go back in the audit log until the moment we've started audit log recording. This is now more than 1 year ago.
Apr 25 2017 10:42 AM
Because it costs money to provide storage for all that data and make it available in near real time? 🙂 You can ask the same question about Reports, we've always had a limited data there too.
May 18 2017 06:34 AM
May 18 2017 11:38 AM
I do actually, but I see different "cutoff" dates for different types of audited activities. Still, a good sign I guess, seems we're getting support for more than 90 days 🙂
Jul 04 2017 01:06 AM
For infinite audit data retention, you need to write custom audit data collection script or go to some 3rd party offerings.
I recommend AdminDroid Auditor to hold activity data for such a long period. It collects and stores your data in your on-premise server. So the data is always in your control. Try the online demo to explore the product.