I am currently running Security Event Manager, version 2020.2. I need to store five to seven years of raw logs (not normalized).
I found in the SEM 2020.2 Administrators Guide that "A separate nDepth appliance provides additional capacity to store and retrieve raw log messages. If long-term storage of original log messages is a priority, then consider a separate nDepth VM. Otherwise, a separate instance is probably unnecessary. For more information contact your SolarWinds sales representative or SolarWinds Technical Support."
However, I have been told by SolarWinds Support that the nDepth Retention Server (L4) feature was removed in the 6.7 release of SEM and is no longer supported..
Any thoughts on how to accomplish storing five to seven years of raw logs (not normalized) with Security Event Manager is greatly appreciated.