[Bro-Dev] [JIRA] (BIT-1490) Need ability to expire logs with more granularity than #days.
Seth Hall (JIRA)
jira at bro-tracker.atlassian.net
Fri Oct 9 18:54:00 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1490?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=22421#comment-22421 ]
Seth Hall commented on BIT-1490:
--------------------------------
For the particular user I was talking to today they needed less than one day. I would have made this change myself, but I thought it probably required a bit of discussion on if it's worth adding and how exactly it should be done.
> Need ability to expire logs with more granularity than #days.
> -------------------------------------------------------------
>
> Key: BIT-1490
> URL: https://bro-tracker.atlassian.net/browse/BIT-1490
> Project: Bro Issue Tracker
> Issue Type: Improvement
> Components: BroControl
> Affects Versions: git/master
> Reporter: Seth Hall
> Priority: Low
>
> There are some users that would like or need to have BroControl maintain their collected logs with tighter granularity than how many days old the logs are.
> Right now the find command that determines which files to delete uses `-mtime` which is `x*24hr`. We would need to use the `-mmin` argument otherwise, but I suspect this would introduce the need to do some parsing of of the value given so that people could specify things like `10hr` or `5days`.
--
This message was sent by Atlassian JIRA
(v7.0.0-OD-07-011#70107)
More information about the bro-dev
mailing list