Log/data retention in Sophos Central when computer account is deleted

Sophos stores info about an active account\machine for 90 days where it's accessible by a customer through Central dashboard. Each object will have 90 day history available. After a machine or user is deleted from Central, then Sophos will store the info on the back-end for next 90 days, but it will no longer be available to the customer through Central reports.

As Kyle P. mentioned, if historical reports are needed for compliance, then feeding Central logs into SIEM would be the way to go. Please see the following materials explaining more about it:

Sophos Central APIs: How to send alert and event data to your SIEM

Sophos Central: FAQs on SIEM https://support.sophos.com/support/s/article/KB-000036413?language=en_US 

SIEM Integration in Sophos Central https://www.youtube.com/watch?v=1MPwbfoIdBk - quick tutorial\explanation

Hope that helps! Please let me know if you have any further questions!

Sophos stores info about an active account\machine for 90 days where it's accessible by a customer through Central dashboard. Each object will have 90 day history available. After a machine or user is deleted from Central, then Sophos will store the info on the back-end for next 90 days, but it will no longer be available to the customer through Central reports.

As Kyle P. mentioned, if historical reports are needed for compliance, then feeding Central logs into SIEM would be the way to go. Please see the following materials explaining more about it:

Sophos Central APIs: How to send alert and event data to your SIEM

Sophos Central: FAQs on SIEM https://support.sophos.com/support/s/article/KB-000036413?language=en_US 

SIEM Integration in Sophos Central https://www.youtube.com/watch?v=1MPwbfoIdBk - quick tutorial\explanation

Hope that helps! Please let me know if you have any further questions!