Greetings, I have just installed OSSEC for testing and so far liking what I see. We have a custom app that creates logfiles and I have a couple questions on how to get OSSEC to monitor these logs in real time. The app is a real time interface and I need to alert on when it can't connect to a remote service which is in the logfile.

1) The logfile name is in format of 'errorYYYYMMDD.log' and the app rotates/opens a new logfile each day. Is there a way to monitor a logfile that has a name that changes daily?

2) The logfile has entries in the format of the following where NNNN is a 4 digit numeric error number

YYYY-MM-DD HH:MM:SS.MMMM ERROR: NNNN text string

TIA
