Hi,

Does anybody have insights on how to handle compliance regulations such as GDPR with specific requirements to delete ingested logs after a specific time interval?

In Europe there quite stringent regulation for data retention, and some metadata and log types are required to be deleted after some weeks or months.

If my understanding is correct, SecOps has a flat retention of 1 year and there is no way to enforce data retention policies for specific log types or based on other parameters.

Is this not going to be an issue for audits? Is there no current way to handle the matter?

Thank you all,