ZTP collects a limited set of customer data to operate its services. This section describes retention periods and the effect of disposition events.
NOTE
See Appendix: ZTP Technical Background for details about the data each service requires.
Hosted Collectives
Hosted LogServer appliances retain logs for a rolling 30-day period.
AppGate ZTNA stores appliance backups for a maximum of 30 days.
When you deprovision a hosted AppGate ZTNA Collective, ZTP deletes all hosted appliances, their associated data, and their backups.
Risk Engine
The Risk Engine stores data collected from a third-party service until you delete the corresponding risk rule.
ZTP stores risk level usage records provided to an AppGate ZTNA Collective for 28 days.
When you delete a risk rule, ZTP deletes all data associated with that rule.
ZTP account
When you delete a ZTP account, ZTP deletes all associated resources, data, and log files.
View collected data
To view data collected through ZTP services:
In the ZTP Cloud Console, go to Services and select Risk Engine. Then select a risk rule from the list of Risk Engine rules.
Under the rule details, select the Troubleshooting tab and select Download next to the file you need:
Host Log: Contains individual incident, threat, and detection records received from a third-party service by the Risk Engine. ZTP retains this data until you delete the corresponding risk rule. ZTP deletes data for resolved events after seven days.
Usage Report: Contains a record for each time the Controller called the Risk Engine and the risk level returned for each end user. ZTP retains this file for 28 days.
Your title goes here
If an end user does not log in to their Collective for 29 or more days, ZTP deletes their usage record. The risk level is not deleted; ZTP retains it until you delete the corresponding risk rule
See Troubleshooting tab for more information about the Host Log and Usage Report files.