New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Cluster log rotation: set correct permissions and store rotations in /logs/ossec #667

Merged
merged 6 commits into from Jul 12, 2018

Conversation

Projects
3 participants
@mgmacias95
Member

mgmacias95 commented May 24, 2018

Hello team,

This PR fixes #665.

To do so, I have created a custom file rotation handler that inherits from the TimedRotatingFileHandler. This custom handler:

  • Sets the permissions of the cluster.log file to 660 with user and group ossec.
  • Stores the rotated log in /logs/ossec directory as Wazuh core does with the ossec.log file.

Best regards,
Marta

@mgmacias95

This comment has been minimized.

Show comment
Hide comment
@mgmacias95

mgmacias95 May 24, 2018

Member

Some improvements:

  • It would be better to store the cluster logs in /logs/cluster directory.
  • The stored logs must have the same filename format that Wazuh core has: YYYY/MM/cluster-DD.gz
  • The logs should be compressed using .gz.
Member

mgmacias95 commented May 24, 2018

Some improvements:

  • It would be better to store the cluster logs in /logs/cluster directory.
  • The stored logs must have the same filename format that Wazuh core has: YYYY/MM/cluster-DD.gz
  • The logs should be compressed using .gz.

@jesuslinares jesuslinares requested review from Lifka and removed request for jesuslinares Jun 12, 2018

@jesuslinares jesuslinares added this to In review in Wazuh TBD via automation Jun 12, 2018

@Lifka

Lifka approved these changes Jun 22, 2018

@jesuslinares jesuslinares added this to In review in Wazuh 3.5 via automation Jul 5, 2018

@jesuslinares jesuslinares removed this from In review in Wazuh TBD Jul 5, 2018

@mgmacias95 mgmacias95 changed the base branch from 3.2 to 3.5 Jul 9, 2018

@jesuslinares jesuslinares merged commit e89d3cd into 3.5 Jul 12, 2018

Wazuh 3.5 automation moved this from In review to Done Jul 12, 2018

@jesuslinares jesuslinares deleted the improve-3.2-cluster-log-rotation branch Jul 12, 2018

mgmacias95 added a commit that referenced this pull request Jul 13, 2018

vikman90 added a commit that referenced this pull request Jul 25, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment