We currently run Cisco AMP from the cloud for our anti-malware solution. We need to retain up to a year's worth of logs for PCI compliance and are trying to determine how to do so using SolarWinds. We currently run NPM, UDT, and SEM. I was initially directed to look at SAM, but when I put in a support ticket I was directed to the SolarWinds SDK. Let me just say that I'm very new to SolarWinds in general and am barely scratching the surface of what we currently use. I just need to get to a point of compliance and am having difficulty getting the help I need.
We have an API key and a 3rd party API client ID from Cisco AMP. I just need to figure out which tool I need and how to configure it to ingest the AMP logs. Any help would be greatly appreciated.