On Wed, Jul 01, 2020 at 14:03 -0700, Jon Siwek wrote:
> What if an open() rarely or never happens again for a given log?
Ah, right, forgot about that case. So yeah, agree, the shadow files
are useful for this and to retain whatever information we need.
> * Changed: running through a function
On Wed, Jul 1, 2020 at 1:59 AM Robin Sommer wrote:
>
> > Log::default_rotation_dir
>
> Seems we should then set this to "." by default, and have the cluster
> framework override it.
Yes, exactly.
> Once moved, I suppose we would continue to optionally run a
> post-processor, right? For a
On Tue, Jun 30, 2020 at 01:39 -0700, Jon Siwek wrote:
> * https://github.com/zeek/zeek/wiki/Zeek-Supervisor-Log-Handling
This overall sounds good to me. Some notes & questions:
> Log Rotation
> To help bridge/replace Step (4) and (5), suggest adding a new option:
>
