Log Retention

Last modified on August 10, 2022

If you store logs with strongDM, rather than (or in addition to) on your relays, streaming to an outside service, or other similar options, they will be visible in the Admin UI for a particular period of time depending on the type of record in question. Some logs may store 12 months, while certain kinds of queries may show the last day or last 100 queries.

Additionally, there is a cap of 4,500 log lines for RDP, SSH, Web, Kubernetes, and Cloud Logs in the Admin UI.

However, if you wish to download the logs or run a search for specific events beyond the range of time shown in the Admin UI, please use the CLI. All logs are retained by strongDM and available via the CLI for a period of 13 months. Once their 13-month lifespan expires, log entries of any kind are permanently deleted.