OPNsense Forum

Archive => 22.1 Legacy Series => Topic started by: Martinezio on June 15, 2022, 05:00:50 PM

Title: Intrusion detection filter logs are filling disk.
Post by: Martinezio on June 15, 2022, 05:00:50 PM
Hi.

How can I manage filter logs from IDS (those written at /var/log/filter directory)?
Is there any possibility to add some gzip or bzip2 function to log rotation? At my installation, every daily file is around 5GB in size and this quickly fills up the entire disk. I've now limited it to keep only 3 files, but it's not comfortable. Compressing those files would save a lot of space, as they are simple txt files...

Thanks a lot in advance for any hint :) I couldn't find any configuration for this :/

Title: Re: Intrusion detection filter logs are filling disk.
Post by: Vilhonator on June 16, 2022, 11:21:14 AM
To my knowledge you can't compress files from settings etc.

You can try a scheduled script for it (compress all uncompressed files in xxx folder every xxx hours)

What I know does work is that you can send the logs to external storage, or at least use Wireshark or a remote log server program and set the logs to be available to be fetched from a specific source through a specific UDP port.
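
Added example, not part of either post: a sketch of the scheduled compression script suggested above, which gzips every rotated log in a directory, verifies each archive before deleting the original, and leaves the file still being written untouched. It assumes the logs are named `*.log` and that the newest one by modification time is the active file; the function name and the optional retention argument are hypothetical.

```shell
#!/bin/sh
# Added example: gzip rotated logs in a directory, leaving the active one alone.
# Assumptions (not from the thread): logs are named *.log, the newest *.log
# by modification time is the one still being written, symlinks are skipped.

compress_rotated_logs() {
    log_dir="$1"         # e.g. /var/log/filter
    keep_days="${2:-0}"  # delete .log.gz older than this; 0 = keep all
    [ -d "$log_dir" ] || { echo "no such directory: $log_dir" >&2; return 1; }

    # Find the newest regular *.log; it is treated as the active file.
    active=""
    for f in "$log_dir"/*.log; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        if [ -z "$active" ] || [ "$f" -nt "$active" ]; then active="$f"; fi
    done

    count=0
    for f in "$log_dir"/*.log; do
        [ -f "$f" ] && [ ! -L "$f" ] || continue
        [ "$f" = "$active" ] && continue
        # Write to a temp name, verify the archive, then drop the original.
        if gzip -c "$f" > "$f.gz.tmp" && gzip -t < "$f.gz.tmp"; then
            touch -r "$f" "$f.gz.tmp"   # keep the log's own mtime for retention
            mv "$f.gz.tmp" "$f.gz" && rm -f "$f"
            count=$((count + 1))
        else
            rm -f "$f.gz.tmp"
            echo "failed to compress $f" >&2
        fi
    done

    if [ "$keep_days" -gt 0 ]; then
        find "$log_dir" -type f -name '*.log.gz' -mtime +"$keep_days" -exec rm -f {} +
    fi
    echo "$count"  # number of files compressed in this run
}

# Run only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then compress_rotated_logs "$@"; fi
```

Each archive is written before its original is removed, so a run needs enough free space for one compressed file at a time.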