I've installed OSSIM (no USM) on a VM and am trying to figure out how much disk space I need to give this VM. Basically does anyone know:

  1. How can I estimate how much disk the logs are using each day? I just have nowhere to see the rate at which the logs grow. I can see the total size of /var/log/messages and such, but I'd like to know how much storage the logs use per day. I've been poking around in the GUI (which there's barely anything that points me in the right direction pertaining to log storage that's not USM) and the web console (which I was able to get to the CLI but not really sure where to go from there).
  2. The official site says that OSSIM doesn't include "log management," but does that mean that there isn't a way to configure OSSIM to send logs to some syslog server?
  • Any 3rd party disk monitoring tool will tell you the disk consumption every day. – schroeder Jul 28 '22 at 16:31
  • OSSIM is a syslog server, why do you want to send all the logs you collected by OSSIM to yet another log server? – schroeder Jul 28 '22 at 16:31
  • I don't quite see how is this a cybersecurity related question... – Sir Muffington Jul 28 '22 at 18:33
  • @schroeder I can't do in OSSIM what I can do in, say, Splunk. OSSIM does not have log management after all. If I don't want to download any other software, is there any way for me to view how many logs there are in `var/log` so I can estimate disk space? – Skybellina Jul 28 '22 at 19:25
  • There are tools built into Linux for this. These functions have been around for decades. And your comment about Splunk doesn't answer my question about sending logs elsewhere. – schroeder Jul 29 '22 at 08:04

0 Answers
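
An added example, not part of the original thread: one way to estimate daily log growth with only the tools already on a Linux host, by summing file sizes in a log directory per modification date. It assumes GNU find and rotated logs (so each rotated file roughly represents one rotation period); the function names are made up for this sketch.

```shell
#!/bin/sh
# Added example: estimate per-day log volume from file modification dates.
# Assumes GNU find (-printf) and that log rotation is in place.

# Print "YYYY-MM-DD bytes" per day, summing the sizes of files last modified
# on that day. Compressed rotations count at their on-disk size, which is
# the figure that matters for disk planning.
bytes_per_day() {
    find "$1" -type f -printf '%TY-%Tm-%Td %s\n' 2>/dev/null |
        awk '{ b[$1] += $2 } END { for (d in b) printf "%s %.0f\n", d, b[d] }' |
        sort
}

# Average bytes per day over the days that have data.
avg_bytes_per_day() {
    bytes_per_day "$1" |
        awk '{ t += $2; n++ } END { if (n) printf "%.0f\n", t / n; else print 0 }'
}

# Disk needed to keep N days of logs at the observed average rate.
bytes_for_retention() {
    echo $(( $(avg_bytes_per_day "$1") * $2 ))
}

# Constructed sample directory so the script runs anywhere.
demo() {
    d=$(mktemp -d)
    head -c 4000 /dev/zero > "$d/messages"
    head -c 2000 /dev/zero > "$d/messages.1"
    head -c 1000 /dev/zero > "$d/auth.log.1"
    touch -d '2022-07-28 12:00' "$d/messages"
    touch -d '2022-07-27 12:00' "$d/messages.1" "$d/auth.log.1"
    bytes_per_day "$d"
    echo "average: $(avg_bytes_per_day "$d") bytes/day"
    echo "30 days: $(bytes_for_retention "$d" 30) bytes"
    rm -rf "$d"
}

# Usage: sh script.sh /var/log   (no argument runs the constructed demo)
if [ -n "${1:-}" ]; then bytes_per_day "$1"; else demo; fi
```

The file currently being written counts only what has accumulated since the last rotation, so the most recent day usually under-reports; judge the rate from the completed rotations.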