Hi there I am trying to understand how to ensure I retain data for my ISE deployment over the long term (lets assume 2 years).
I can see a couple of options, but not sure if I am missing some other methods.....
Option 1 - configure a remote logging (syslog) server and send all RADIUS/TACACS logs to this remote syslog server (as well as the local log collector on ISE)
Option 2 - under operational data purging there is an export repository. How does this work? It wasn't clear from documentation but I assume when data is purged it is sent to the repository I selected. i.e. If set to 30 days logs remain only on the ISE node for up to 30 days at which point they are exported to my respository and deleted from ISE disk? In addition, you can only export to an FTP server - is that right?
Some clarification on the above would be much appreciated, plus any other options that I may have missed.
Thanks
Darren