The Security Analytics Archiver is an appliance that enables long term log archiving by indexing and compressing log data and sending it to Archiving storage. The Archiving storage is then optimized for long term data retention and compliance reporting.
Archiver stores raw logs and log meta from Log Decoders for long term retention and it uses Direct-Attached Capacity (DAC) for storage.
Note: Raw packets and packet meta are not stored in the Archiver.
The following figure depicts the architecture of a Security Analytics network that implements the Archiver.