What I would like to have confirmation from Cisco is that we are saving same data to the MNTs and to our Syslog Servers, so we can safely purge that data without compromising our audit commitments.
Wherever we have both MNTs and SysLog Servers configured, is there any difference between the logs MNTs and the logs that are sent to Syslog? Are exactly the same ones? (e.g. the Accounting logs send to LogCollector and to SLG1 contain exactly the same info with no variation?)
Any Cisco ISE Guru that can help with this.