Imagine I have this layered folder:

etc/   etc/a   etc/b   etc/a/1   etc/a/1/1   etc/b/1   etc/c   etc/yy.log
etc/aaa   and so on.
Like this:
etc|-----a-----1----cc.log
   |-----b-----1---dd.xxx
   |-----yy.log
   |-----aaa
If I want to check all of the .log files,
how do I write that in ossec.conf?
I have tried writing this configuration:
<localfile>
  <log_format>syslog</log_format>
  <location>/etc/*.log</location>
</localfile>
But it can only check yy.log. How could I set the configuration to check cc.log and
dd.log using something like *.log, without writing the full path?
 
2. In the same environment as above,
   how do I ignore cc.log and yy.log in syscheck without writing the full path
   to match them?
 
