RIF - Reading is fundamental... Thank you,
Jared On Tuesday, July 23, 2013 10:45:45 AM UTC-4, Jared wrote: > > Based on: > > http://www.ossec.net/doc/manual/monitoring/file-log-monitoring.html > > > Multiple Files Example > > <location>/var/log/*.log</location> > > > Date Based Example > > <location>C:\Windows\app\log-%y-%m-%d.log</location> > > > And leveraging central agent.conf with the following entry: > > <localfile> > <location>/usr/tomcat/server/logs/das/*.%Y-%m-%d.log</location> > <log_format>syslog</log_format> > </localfile> > > I receive the following error: > > 2013/07/23 14:21:30 ossec-logcollector(1904): INFO: File not available, > ignoring it: '/usr/tomcat/server/logs/das/*.%Y-%m-%d.log'. > > Where: > > /usr/tomcat/server/logs/das/ > > Contains one or more of the of the following files: > > [[email protected]][blabla].2013-07-23.log > meter.2013-07-23.log > [system][none].2013-07-23.log > [[email protected]][sfdsn].2013-07-23.log > [[email protected]][randomproductID].2013-07-23.log > clouddb.2013-07-23.log > > *Question 1*: Why is it not picking up any or all of the logs in this > folder > > *Question 2*: why is it not at least getting meter.2013-07-23.log & > clouddb.2013-07-23.log > > *Question 3*: how do I have Date and Multiple in a single line entry in > the agent.conf? > > Thank you, > > Jared > -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/groups/opt_out.
