Buy or Renew
Buy or Renew
Meraki Community is live! Welcome Meraki Members! Learn more here.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3646
Views
5
Helpful
2
Replies

Amp for Endpoints maximum time range

Go to solution
Diego Leitao
Frequent Visitor
Frequent Visitor

‎05-30-2019 11:12 AM - edited ‎02-20-2020 09:09 PM

Hello,

I would like to know the maximum time range of device trajectory.

Is it just 30 days?

Thanks!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Matthew Franks
Cisco Employee
Cisco Employee

‎05-30-2019 12:21 PM

Diego,

 

That is correct.  The limit on Device Trajectory (version 2) is 30 days.  The legacy Device Trajectory was 4,000 events but that is nearly phased out at this point.  If you would like additional storage, we recommend setting up an Event Stream with the API and ingesting the events with a SIEM.  

 

Information on setting up an API key is on page 218 of the User Guide:
https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf

 

Information on setting up an Event Stream can be found here:
https://api-docs.amp.cisco.com/api_actions/details?api_action=POST+%2Fv1%2Fevent_streams&api_host=api.amp.cisco.com&api_resource=EventStream&api_version=v1

 

Thanks,

Matt

View solution in original post

2 Replies 2

Go to solution
Matthew Franks
Cisco Employee
Cisco Employee

‎05-30-2019 12:21 PM

Diego,

 

That is correct.  The limit on Device Trajectory (version 2) is 30 days.  The legacy Device Trajectory was 4,000 events but that is nearly phased out at this point.  If you would like additional storage, we recommend setting up an Event Stream with the API and ingesting the events with a SIEM.  

 

Information on setting up an API key is on page 218 of the User Guide:
https://docs.amp.cisco.com/en/A4E/AMP%20for%20Endpoints%20User%20Guide.pdf

 

Information on setting up an Event Stream can be found here:
https://api-docs.amp.cisco.com/api_actions/details?api_action=POST+%2Fv1%2Fevent_streams&api_host=api.amp.cisco.com&api_resource=EventStream&api_version=v1

 

Thanks,

Matt

Go to solution
Diego Leitao
Frequent Visitor
Frequent Visitor
In response to Matthew Franks

‎05-30-2019 01:09 PM

Thank you very much Matthew!!

0 Helpful
Customers Also Viewed These Support Documents