04-17-2024 07:54 AM
I am new to Cisco Secure Endpoint and will need some help in creating a rolling 3-month analysis for endpoint positive detections
and also an analysis for false-positive detections. Any help and directions will be deeply appreciated.
Thanks
04-17-2024 08:59 AM
I'm not sure what you mean by creating a "rolling 3 months analysis", but there is a retention policy in place for AMP where we only keep data available to you for 30 days. Anything older than 30 days is automatically purged. If you are looking for some type of reports, you can set up custom reports or browse through the built-in weekly / monthly reports in your console under the Analysis tab.
04-23-2024 07:42 AM
Hi Roman, thanks for your response. By creating 3 months I mean getting data from the previous 2 months and comparing them to the recent month. Is there a way I can generate a report for detected threat events from February and March, and then compare them to a report in April? Or does the retention policy not make that possible? Thanks for all the help.
04-23-2024 09:16 AM
OK, so let me be more specific. You can only browse events under the Events tab, which will give you all the details such as event names, Device Trajectory, File Trajectory, Detection, etc., for 30 days; however, you can get the default summarized Weekly / Monthly reports under the Analysis tab > Reports.
Those are available to you and go back a very long time. In my org, for example, since it was created in 2020, but those reports are a very high-level overview and basic, so I'm not sure if that's enough for you. They will contain this info in words and as a graphical preview.
Example:
Table of Contents
---------------
Connector Status: 444K Files Scanned, 30.7K IPs Scanned
Compromises: 3 New Compromises, 0 Resolved
File Detections: 98 Detections, 47 Quarantines
Network Detections: 0 DFC Detections, 0 Computers Affected, 0 Agentless Global Threat Alerts Events
Threat Root Cause
Low Prevalence Executables: 12 Low Prevalence Executables Analyzed
Vulnerabilities: 2 Vulnerabilities Observed
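Because event detail is purged after 30 days while the summary reports are too coarse to separate true from false positives, the practical way to get a rolling 3-month view is to export the raw events before they age out, archive them, and summarize the archive yourself. The following is an added example, not code from this thread or from Cisco: it assumes events were pulled from the Secure Endpoint Events API (GET /v1/events) and appended to a local archive, assumes the record shape shown in the constructed sample (date, event_type, detection, computer.hostname, file.identity.sha256; verify these against your own API output), and assumes an analyst-maintained set of SHA256 hashes that have been classified as false positives. It counts "Threat Detected" events per calendar month, splits them into true and false positives, and compares the current month with the average of the two preceding months.

```python
"""Rolling 3-month detection summary from archived Secure Endpoint events.

Added example for this thread, not Cisco's code. Run a daily export of
GET /v1/events into a local archive (e.g. JSON lines) so data survives the
30-day purge, then summarize the archive with the functions below.
"""
from collections import defaultdict
from datetime import datetime

# Hashes are constructed placeholders for the sample; the FP set is assumed
# to be maintained by an analyst after triage.
FP_HASH = "f" * 64
MAL_HASH_1 = "a" * 64
MAL_HASH_2 = "b" * 64
FALSE_POSITIVE_HASHES = {FP_HASH}


def _event(date, hostname, sha256, event_type="Threat Detected",
           detection="W32.Generic:Malware"):
    """Build one record in the assumed shape of a GET /v1/events 'data' item."""
    return {"date": date, "event_type": event_type, "detection": detection,
            "computer": {"hostname": hostname},
            "file": {"identity": {"sha256": sha256}}}


# Constructed sample archive covering February, March and April 2024.
SAMPLE_EVENTS = [
    _event("2024-02-03T10:15:00+00:00", "wks-01", MAL_HASH_1),
    _event("2024-02-03T10:15:02+00:00", "wks-01", MAL_HASH_1, "Threat Quarantined"),
    _event("2024-02-14T08:00:00+00:00", "wks-02", FP_HASH, detection="W32.Heuristic"),
    _event("2024-02-20T23:59:59+00:00", "wks-03", MAL_HASH_2),
    _event("2024-03-05T12:00:00+00:00", "wks-01", MAL_HASH_2),
    _event("2024-03-28T07:30:00+00:00", "wks-04", MAL_HASH_1),
    _event("2024-04-02T09:00:00+00:00", "wks-02", FP_HASH, detection="W32.Heuristic"),
    _event("2024-04-02T09:05:00+00:00", "wks-05", FP_HASH, detection="W32.Heuristic"),
    _event("2024-04-10T15:45:00+00:00", "wks-01", MAL_HASH_1),
    _event("2024-04-25T18:20:00+00:00", "wks-06", MAL_HASH_2),
    _event("2024-04-26T11:00:00+00:00", "wks-06", MAL_HASH_1),
]


def month_of(event):
    """Return the 'YYYY-MM' calendar month of an ISO 8601 event timestamp."""
    stamp = event["date"].replace("Z", "+00:00")  # tolerate a trailing Z
    return datetime.fromisoformat(stamp).strftime("%Y-%m")


def summarize_by_month(events, false_positive_hashes,
                       detection_types=("Threat Detected",)):
    """Count detection events per month, split into true and false positives.

    Only event types in detection_types are counted: the matching
    'Threat Quarantined' event for the same file would otherwise
    double-count one detection.  'hosts' is the number of distinct
    machines with at least one true-positive detection that month.
    """
    months = defaultdict(lambda: {"detections": 0, "false_positives": 0,
                                  "true_positives": 0, "hosts": set()})
    for ev in events:
        if ev.get("event_type") not in detection_types:
            continue
        sha = ev.get("file", {}).get("identity", {}).get("sha256", "")
        bucket = months[month_of(ev)]
        bucket["detections"] += 1
        if sha in false_positive_hashes:
            bucket["false_positives"] += 1
        else:
            bucket["true_positives"] += 1
            bucket["hosts"].add(ev.get("computer", {}).get("hostname", "?"))
    return {m: {**v, "hosts": len(v["hosts"])} for m, v in sorted(months.items())}


def compare_to_baseline(summary, current_month, baseline_months):
    """Compare true positives in current_month with the mean of baseline_months."""
    empty = {"detections": 0, "false_positives": 0, "true_positives": 0}
    current = summary.get(current_month, empty)
    baseline = [summary.get(m, empty)["true_positives"] for m in baseline_months]
    mean = sum(baseline) / len(baseline) if baseline else 0.0
    change = ((current["true_positives"] - mean) / mean * 100.0) if mean else None
    fp_rate = (current["false_positives"] / current["detections"]
               if current["detections"] else 0.0)
    return {"month": current_month, "true_positives": current["true_positives"],
            "baseline_mean": mean, "change_pct": change, "fp_rate": fp_rate}


if __name__ == "__main__":
    report = summarize_by_month(SAMPLE_EVENTS, FALSE_POSITIVE_HASHES)
    for month, counts in report.items():
        print(month, counts)
    print(compare_to_baseline(report, "2024-04", ["2024-02", "2024-03"]))
```

The false-positive split is only as good as the triage feeding it: the hash set (or, if you prefer, a set of detection names or exclusion paths) has to be updated whenever an analyst resolves an event as benign, and the archive must be exported on a schedule shorter than the retention window or the gap cannot be recovered later.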
04-23-2024 09:39 AM
I have seen the summarized reports that can be generated under the Analysis tab > Reports. They are not really helpful, as I am looking for reports of endpoint detections which will allow me to also filter out false positives. I need to get these reports for positive detections and also false-positive detections for management. Any ideas are welcome, and thanks again.
04-17-2024 07:47 PM
Since you are new to Cisco Secure Endpoint, I suggest looking at the best practices guides as well.
Secure Endpoint Best Practices Guide - Cisco
Configure and Identify Secure Endpoint Exclusions - Cisco
If you find this useful, please mark it helpful.
04-23-2024 07:43 AM
Thanks a lot for the information.