Data Retention
As of July 2020, the data retention policies for Sysdig Monitor and Sysdig Secure are as described below.
When a host or instance is no longer monitored (i.e. when an agent is uninstalled), the historical data continues to be retained for the stated times.
Sysdig Monitor Retention Limits
Essentials | Enterprise | |
|---|---|---|
Metrics data | 10s : 4 hours 1min : 2 days 10 min : 2 weeks 1 hr: 2 months 1 day: 15 months | same as Essentials |
Events | Alert events: 30 days Custom events: 14 days OR 10M (per customer) | same as Essentials |
Captures | 90 days | same as Essentials |
Sysdig Secure Retention Limits
Essentials | Enterprise | |
|---|---|---|
Policy events | 1M events or 90 days | same as Essentials |
Activity audit | 5 days | 90 days |
Benchmarks | 30 days | 90 days |
Scan results The image eviction conditions above are applied simultaneously; the retention policy will trigger for the first one that matches. | Image data is kept for a maximum of 7 days. Sysdig Secure will retain a maximum of 3 tags per repository and a maximum of 3 different images per tag * Images used by a container that is monitored by a Sysdig agent (Runtime images) will always be kept, regardless of the limits above. | Image data is kept for a maximum of 90 days. Sysdig Secure will retain a maximum of 5 tags per repository and a maximum of 5 different images per tag * Images used by a container that is monitored by a Sysdig agent (Runtime images) will always be kept, regardless of the limits above. |
Vuln Management Reports | 14 days | same as Essentials |
Captures | 90 days | same as Essentials |
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.