1. Are SCEP Historical Data (Threat History) stored on a log on the Server? or does SCCM 2012 read the data from the SCEP Logs on the client?
2. If I'm looking to keep\pull SCEP historical data for 1 year, do I have to edit the "Delete Aged Threat Data" under maintenance task from the default "30" days to "365"?
Just seems strange that the default is 30 days. I know Auditors require tracking historical data from a year or so.