Expired CloudSOC tenant - What to expected when the entitlement is expired?
search cancel

Expired CloudSOC tenant - What to expected when the entitlement is expired?


Article ID: 172096


Updated On:


CASB Audit CASB Gateway Advanced


Environment expired [details of expired situation]

What is the data retention period after expiration?

What is the deactivation time line?




  • CloudSOC Elastica Tenant


Components Functionality:

On the day after a tenant's expiration date has been reached, all entitlements are revoked. This means:

  • Any Audit, Securlet and/or Gateway access is revoked. No data is deleted at this time
  • No active data processing going on (All component).
  • New Audit logs uploaded will be ignored
  • No API calls will be made to any SaaS apps,
  • Gateway will not honor forwarded traffic, etc.
  • Only System Administrators can login to the Cloudsoc Console, to access general platform configurations or download archives. 
  • Users and Admins will not have access to the CloudSOC portal. 


Data Retention:

On the 7th day following the expiration, all Investigate, Securlet and Detect data is archived into downloadable files. These archives will be available for system admin accounts to download from CloudSOC for 30 days after the expiration date. Audit data is deleted.

On the day following the 30th day after expiration, the entire tenant is deleted, all archives are wiped. 


Note for PoC Tenants:

On the 15th day after expiration, the tenant is deleted unless the 'Delete Exemption' flag is set. 



Contact CASB Support Team, for the requested restoration of the expired Tenant will require CloudSOC Development Team interaction on the back-end to pull the archived data into the restored Tenant.