0 Replies Latest reply on Feb 13, 2013 11:17 AM by rgjones

    HIPS 8 ips/fw Log behavior

      Hello fellow scholars,

      It seems that I have come across an issue in an environment that I am currently working in. This issue deals directly with the HIPS logging component, the activity log to be exact.

      Here is what I'm seeing (or not seeing, in this case): I have the activity log size set at 100 MB in the policy, which appears to have been reached on the machines in question. The log appears to have rotated once, according to the duplicated log file suffixed with 1 (in the same directory).

      I was seeing events just fine up to the point the logs reached capacity (100 approx); now I see no events, nor do I see any change in the log (size or date stamp).

       

      I have found no documentation on this subject.

       

      I guess my question is: what is supposed to be the default behavior when the activity log reaches the capacity that is set? (I came across something that mentioned log_rotate_count in the registry, but this was for Hipshield.log.)

       

      If it is behaving as expected, what is a solution, besides increasing the log size?

       

       

      Can someone please enlighten me?

       

      Thanks for reading,

      perplexed user