X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Flogs.txt;fp=debian%2Fossec-hids%2Fusr%2Fshare%2Fdoc%2Fossec-hids%2Flogs.txt;h=0000000000000000000000000000000000000000;hp=269068c011973448e1b3893fb9734450cc8a115d;hb=946517cefb8751a43a89bda4220221f065f4e5d1;hpb=3f728675941dc69d4e544d3a880a56240a6e394a diff --git a/debian/ossec-hids/usr/share/doc/ossec-hids/logs.txt b/debian/ossec-hids/usr/share/doc/ossec-hids/logs.txt deleted file mode 100644 index 269068c..0000000 --- a/debian/ossec-hids/usr/share/doc/ossec-hids/logs.txt +++ /dev/null 
@@ -1,53 +0,0 @@ -OSSEC v0.9 -Copyright (C) 2009 Trend Micro Inc. - - -OSSEC Logging - -== Introduction == - -Ossec supports three types of logs. Alert logging, firewall -logging and event (archiving) logging. - -Every message received is treated as an event. -Any log message, integrity report, system information will be treated -as such. Event logging is very expensive for the system because -it will archive every event. However, they can be usefull to get -the big picture if some attack happens. - -Alert logging is the most useful one. An alert is generated when -an event is matched against one of the detection rules. In addition -to the logging, OSSEC can also generate e-mail notifications or -execute external commands for them. - - -== Event logging == - -Inside the OSSEC default log directory (by default /var/ossec/logs) -there is an entry for "archives" (/var/ossec/logs/archives). Inside this -directory, all events will be stored by date. -For example, all events received on May 22 of 2004, will be stored on: - -/var/ossec/logs/archives/2004/May/events-22.log - -After each day, a hash will be created for this specific day at - -/var/ossec/logs/archives/2004/May/events-22.log.md5 - -This hash will be the hash of the file from the day 22 plus the hash -from the day 21. - -The hash from the day 1, will be the hash from the day 31 (or 30 or 28) -from the previous month. - -This will ensure that no log will be modified. Also, for this to happen, -all the logs (since the first day) will need to be modified. - - -== Alert logging == - -There will be a "alerts" directory on the OSSEC default logging directory. -It will be organized on the same way the event logging is. Please read -above to understand it. - -
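Review bot: The deleted path, debian/ossec-hids/usr/share/doc/ossec-hids/logs.txt, sits under debian/ossec-hids/, which is the package build staging tree rather than source, so removing the tracked copy is the right call; the same change should make sure that directory stays out of version control (for example an ignore entry for debian/ossec-hids/) so a later build does not re-add it. If logs.txt is still meant to ship in the package, it should be installed from the source tree at build time, and the copy being dropped here is also stale (it describes "OSSEC v0.9", 2009), so the source copy deserves a review of the described archive hashing scheme (a per-day .md5 chained to the previous day's hash) before it is shipped again.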