Skip to main content

Overview

Retention policies control how long XIMP stores metric, log, and flow data. Longer retention enables deeper historical analysis and incident review; shorter retention reduces storage costs. Downsampled metric retention provides long-term trend data at a fraction of the storage cost of raw metrics.
Administrator Access Required — This operation requires the admin role. Contact your Xloud administrator if you do not have sufficient permissions.
Prerequisites
  • Administrator credentials with the admin role
  • Confirmation from compliance and operations teams on required retention periods before reducing existing values
Data TypeRecommended RetentionStorage ImpactNotes
Metrics (raw, 30s resolution)30 days~2 GB per node per monthFull resolution for recent incidents
Metrics (5-min downsampled)1 year~200 MB per node per monthMedium-term trend analysis
Metrics (1-hour downsampled)3 years~20 MB per node per monthLong-term capacity planning
Logs90 daysVaries by log verbosityIncident review and audit
Flow data30 days~5 GB per Gbps per monthNetwork forensics

Configuring Retention

Navigate to Monitoring → Administration → Retention Policies and configure retention for each data type.
  1. Select the data type (Metrics Raw, Metrics Downsampled, Logs, Flows)
  2. Enter the retention duration (e.g., 30d, 90d, 1y)
  3. Click Apply
Reducing retention periods deletes historical data immediately and irreversibly. Confirm with compliance and operations teams before shortening any retention window. Data deleted by retention policy cannot be recovered.

Downsampling Configuration

Downsampling aggregates raw metric points into lower-resolution summaries at configurable intervals. This enables long-term retention at a fraction of the storage cost.
Downsampling LevelResolutionApplied AfterStorage vs Raw
Level 15 minutes7 days~10× reduction
Level 21 hour30 days~120× reduction
Downsampled data retains statistical aggregates: min, max, sum, count, and average. Exact per-second values are not recoverable after the raw data retention period expires. Ensure raw retention is long enough for the typical incident investigation window.
Configure downsampling rules in Monitoring → Administration → Downsampling Rules.

Compliance Retention Requirements

For regulatory compliance, consult the following minimum retention guidelines:
RegulationMinimum Log RetentionNotes
ISO 270011 yearSecurity events and access logs
SOC 2 Type II1 yearCovers audit period plus review buffer
PCI DSS1 year (3 months online)Transaction-related system logs
HIPAA6 yearsHealthcare system access logs
Set XIMP log retention to match your most demanding regulatory requirement. Storage cost for log data is typically dominated by verbosity — reduce log levels to WARNING on non-critical services to reduce volume without losing important events.

Next Steps

Log Collection

Control log ingestion volume by configuring which services are collected

Architecture

Understand storage layer sizing for your retention requirements

Security

Access controls for retention policy management

Troubleshooting

Diagnose storage pressure caused by high-cardinality metrics or high log volume