Here a couple of docs that might be able to help here:
 

Data retention in your Google SecOps account

Google SecOps best practices

Hi ​@kentphelps ,

How are those links supposed to help with the question? Not trying to be rude, but that is quite literally the baseline knowledge and corroborates my initial claim that “ SecOps has a flat retention of 1 year and there is no way to enforce data retention policies for specific log types or based on other parameters”.

The problem is not extending the retention period, but to delete data containing PII or other information which national regulations require to be deleted after a retention period under 1 year.

If there is no way to address this, the product itself might not be compliant with privacy regulations in most parts of the EU.

I agree there are limitations here.  I would recommend engaging support to get a feature request opened.

Hi RT

I understand your position.  For the sake of conversation, would you mind providing some specific examples please e.g. how many different policies, what each duration is.

I’ve heard different takes on similar threads, so eager to know what you have in mind.

Thanks

Andy

Hi ​@SoarAndy ,

sure, here are some examples:

• Email metadata: retention 21 days
• Web navigation data associated (directly or through cross-examination with other sources) with a specific user: retention 90 days

In general, we see growing requests from our customers on providing technical proof of being able to delete, change retention or programmatically anonymize specific PII data.

Thanks,