- For Data Loss Prevention (DLP), it can store up to 500,000 log entries.
- For Other logs, it can store up to 1,000,000 log entries.
The log purge process is triggered if any one of the following criteria is met:
For instance (DLP Logs):
"Current keep days = 90 days" and "maximum keep logs = 500k" are two separate criteria.
- If the number of logs is < 500,000, the logs will be kept in the database (DB) for 90 days.
- The logs will be immediately purged once they have been kept in the DB for 90 days, even if the number of logs is < 500,000.
- If the number of logs is > 500,000, the logs will be immediately purged even if they have been kept for < 90 days.
Recommendation
Use the SIEM or Syslog Server.