I'm trying to get off the Atomic repo for a variety of reasons, so I just
did a 3.6.0 agent install from the tarball's script on a CentOS 7 minimal
machine to test the process and compatibility with my build tweaks. One of
the issues I had with the Atomic repo 3.3.0 package install was
/var/os
On Mon, Jun 15, 2020 at 3:09 PM Scott Wozny wrote:
>
> I'm trying to get off the Atomic repo for a variety of reasons, so I just did
> a 3.6.0 agent install from the tarball's script on a CentOS 7 minimal machine
> to test the process and compatibility with my build tweaks. One of the
> issues
Thanks for the reply, Dan. I'll probably roll my own logrotate script and
use the one from the Atomic repo 3.3.0 install as a base. And yes,
ossec.log was empty because I hadn't started the agent yet. I had assumed
a different purpose for that file, but now that I'm running a few agents
reportin
OK, so after a little more digging, I see now why there is no logrotate
script that comes with the build from source since the files in
/var/ossec/logs/alerts, archives and firewall are managed and compressed by
ossec, itself. :)
This leaves me with a couple questions, though.
1) Is the size of o
On Wed, Jun 17, 2020 at 5:06 PM Scott Wozny wrote:
>
> OK, so after a little more digging, I see now why there is no logrotate
> script that comes with the build from source since the files in
> /var/ossec/logs/alerts, archives and firewall are managed and compressed by
> ossec, itself. :)
>
>
Cool! Thanks again for the feedback. :)
Scott
On Thu, Jun 18, 2020, 09:03 dan (ddp) wrote:
> On Wed, Jun 17, 2020 at 5:06 PM Scott Wozny wrote:
> >
> > OK, so after a little more digging, I see now why there is no logrotate
> script that comes with the build from source since the files in
> /v
