Carbon Black Cloud: What Are The Size And Age Retention Policies For Sensor Logs?
book
Article ID: 288520
calendar_today
Updated On:
Products
Carbon Black Cloud Endpoint Standard (formerly Cb Defense)Carbon Black Cloud Enterprise EDR (formerly Cb Threathunter)
Issue/Introduction
What Are The Size And Age Retention Policies For Sensor Logs?
Environment
Carbon Black Cloud Sensor: All Versions
Microsoft Windows: All Supported Versions
Resolution
The log limits are based on the size of the log itself. Various different logs have different size caps and, depending on the log, will either create a new instance of the log and zip the old one and keep a number of instances with nothing rolling off until that cap is reached. Some examples are listed below:
Confer Max size: 250MB Retention policy: Rotate Rotation count: 20