OSSECers, I have two brief questions: I have OSSEC configured to write alerts to a DB. I've noticed that the agents table is never populated (even though I have multiple agents communicating with my Manager). Is this a bug? I did find a April 2010 posting where someone reported the same symptoms and received only one response--to have a cron job populate/maintain the table. I have a log file that is created sporadically and always with the format ldap-yyyymmdd. I've tried using both a wildcard and %Y%m%d in my local file <location>, but neither approach seems to work unless the log file actually exists when OSSEC starts. Did I overlook something when I tested (I assume I did since OSSEC is obviously designed for log files), or is this really a limitation?
Thanks, Chris
