We are in the process of fully deploying Security Event Manager (we've had it since 2015 but it was only collecting from a small subset of nodes). There will be approximately 100 servers and 1,000 workstations connected. We are being tasked with retaining 6 years of logs since we are a healthcare organization. I'm trying to gauge how much storage we are going to need to support this requirement. So far, we have consumed approximately 30 GB in the previous month, with just the servers added. Is it common/reasonable for a SEM database to be multiple TB's in size? Is there something different other organizations are doing? We have configured the archive, but I'm not sure if this is saving much space.