ArcSight ESM Logs Tar Script

File uploaded by on Jun 17, 2016Last modified by on Jun 17, 2016
Version 3Show Document
  • View in full screen mode

This script will TAR up all the logs in the manager logs default directory and move them to /opt/arcsight/logger/data/archives/arcsight_esm_server_logs_archive/ directory, it will delete files older than 14 days. Inside the script instructs you how to set up a CRONTAB.  Backing up three times a day is helpful because otherwise if you have an issue the logs can be written over for that day.  Also the ability to go back and look at older logs is very helpful.