Log all feature comes up all the time and is confusing I think and maybe something we should solve better. But I am worried about turning ossec from security to a log daemon as other tools have solved that problem.
Currently logall just saves the raw messages without any metadata like file path, filename, timezone, etc of the event. So basiclly it's a piss poor way of saving all messages. Not to even talk about how messages are now ossec master and agent communicate so you get api chat in the logs. Is this a problem space ossec should be solving? Just looking for feedback :) -- --- You received this message because you are subscribed to the Google Groups "ossec-list" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
