Hi, I was wondering if TCP transport (or UDP with ACKs and buffering) has been considered instead of the current UDP-based communication between agents and OSSEC. I didn't have much luck with Google on this subject.
I'd love to standardize on the OSSEC Windows agent for all my log file transfer needs but the prospect of lost log entries is worrisome in case of customer transaction logs. Is a TCP-based transport something that has been ruled out, something that is being worked on, or something that could be accepted by way of a pull request? Cheers, -Slim
