is there any command that we can run or is there any other method service desk or infra team can use before decommissioning an endpoint so that the pc name will be removed from the asset list/dashboard?
No. But you can set the Agent Retention Period within to as low as 7 days.
Hi Chris, thank you for your response. Does it work the same way for Vulnerability Management (VM) platform? I do not see such a setting on that console. I see multiple machines on the VM console which have last checked in time as more than two months old. Does this setting you offered cover VM as well? If not, how would we do something similar like this over there?
The data retention shown above by Chris comes from the Insight Platform, and that doesn’t affect the data retention within the InsightVM Security Console itself. For that, you’d need to set it specifically in the Security Console settings.
You can find these settings by going to the Administration page and looking for the Database section. Under here, open the Maintenance, Backup and Retention link, and then head to the Data Retention tab.
If you currently have it set to Retain all scan and report data, you’ll need to select the option Retain only data within a specific time frame to see the options. Among these options are Retain only active agent within the past X, this is the Agent data retention settings for the console.
There’s an additional caveat here in how the data retention interacts on the console to be aware of. If an asset with an Agent has been scanned at any point, it will not fall under the Agent data retention setting. Instead, the console will default to the Retain only asset data within the past X setting. So be mindful of whether you have scans running on these assets as well, and adjust appropriately!
This should get you what you need, but if you have any issues with that let me know. We can also dive deeper into this with a support case if you need further help!