Yes, it does exist and is full of .sum and .gz files. --- On Mon, 11/29/10, dan (ddp) <[email protected]> wrote:
From: dan (ddp) <[email protected]> Subject: Re: [ossec-list] Archives are empty??? To: [email protected] Date: Monday, November 29, 2010, 4:33 PM Does /var/ossec/logs/alerts/2010/Nov exist? I think /var/ossec/archives only store the <logall> archives, not the alert archives (but I can't double check at the moment). On Mon, Nov 29, 2010 at 4:20 PM, Chris <[email protected]> wrote: > I am a newbie to OSSEC. I am seeing daily gzipped files in /var/ossec/ > logs/archives/{Month}, but the gzipped files have no content - it > doesn't seem to be gzipping the actual files from /var/ossec/logs/ > alerts/alerts.log. > > Is there some place this needs to be configured? > > Thanks
