Deep Discovery Analyzer can
retain the investigation package data for up to 100 days, but the time can be reduced
due to
storage limitations.
 |
Note
To ensure the availability of the investigation package data, Trend Micro recommends backing up the data to an
external server. For details, see Data Backup.
|
The following examples illustrate how storage limitations can affect the amount of
time that the investigation package data is retained in Deep Discovery Analyzer.
Based on testing done by Trend Micro,
the average size of the investigation package data is 8 MB. If Deep Discovery Analyzer analyzes 8000 samples per
day, then the resulting investigation package data is 64000 MB.
-
After about 31 days, the 2 TB disk from Deep Discovery Analyzer 1000 is filled and the
investigation package data is purged.
-
After about 62 days, the 4 TB disk from Deep Discovery Analyzer 1100 is filled and the
investigation package data is purged.
-
After about 62 days, the 4 TB disk from Deep Discovery Analyzer 1200 is filled and the
investigation package data is purged.
If Deep Discovery Analyzer is in
cluster mode, the disk space occupied per day is multiplied by the number of appliances
in the
cluster.
-
Using the numbers from the example above, the investigation package data for a
cluster with five Deep Discovery Analyzer
1000 appliances is purged after about 6 days.
-
Using the numbers from the example above, the investigation package data for a
cluster with five Deep Discovery Analyzer
1100 appliances is purged after about 12 days.
-
Using the numbers from the example above, the investigation package data for a
cluster with five Deep Discovery Analyzer
1200 appliances is purged after about 12 days.
