I have the system's syslog to do the log rotation, including
renaming, just the way I want. If I set LogRotationInterval = 0, would
Zeek then let the system do its thing?

Got it to work:

[raub@testcentos log]$ sudo ls -lh /var/log/bro/old
total 16M
-rw-r--r-- 1 root root 14K Apr 21 03:39 capture_loss.log-20200421
-rw-r--r-- 1 root root 3.6M Apr 21 03:39 communication.log-20200421
-rw-r--r-- 1 root root 6.4M Apr 21 03:39 conn.log-20200421
-rw-r--r-- 1 root root 970K Apr 21 03:39 dns.log-20200421
-rw-r--r-- 1 root root 177K Apr 21 03:39 files.log-20200421
-rw-r--r-- 1 root root 120K Apr 21 03:39 http.log-20200421
-rw-r--r-- 1 root root 27K Apr 21 03:39 loaded_scripts.log-20200421
-rw-r--r-- 1 root root 187 Apr 21 03:39 packet_filter.log-20200421
-rw-r--r-- 1 root root 529 Apr 21 03:39 reporter.log-20200421
-rw-r--r-- 1 root root 30K Apr 21 03:39 sip.log-20200421
-rw-r--r-- 1 root root 24K Apr 21 03:39 ssl.log-20200421
-rw-r--r-- 1 root root 118K Apr 21 03:39 stats.log-20200421
-rw-r--r-- 1 root root 188 Apr 21 03:39 stdout.log-20200421
-rw-r--r-- 1 root root 580 Apr 21 03:39 top_dns.log-20200421
-rw-r--r-- 1 root root 3.8M Apr 21 03:39 weird.log-20200421
[raub@testcentos log]$ sudo ls -lh /var/log/bro/current
total 12M
-rw-r--r-- 1 root root 22K Apr 21 12:13 capture_loss.log
-rw-r--r-- 1 root root 5.7M Apr 21 12:22 communication.log
-rw-r--r-- 1 root root 11M Apr 21 12:22 conn.log
-rw-r--r-- 1 root root 1.6M Apr 21 12:22 dns.log
-rw-r--r-- 1 root root 283K Apr 21 12:22 files.log
-rw-r--r-- 1 root root 191K Apr 21 12:22 http.log
-rw-r--r-- 1 root root 0 Apr 21 03:39 loaded_scripts.log
-rw-r--r-- 1 root root 784 Apr 20 20:42 notice.log
-rw-r--r-- 1 root root 0 Apr 21 03:39 packet_filter.log
-rw-r--r-- 1 root root 0 Apr 21 03:39 reporter.log
-rw-r--r-- 1 root root 42K Apr 21 12:03 sip.log
-rw-r--r-- 1 root root 36K Apr 21 12:21 ssl.log
-rw-r--r-- 1 root root 190K Apr 21 12:19 stats.log
-rw-r--r-- 1 root root 0 Apr 20 13:28 stderr.log
-rw-r--r-- 1 root root 0 Apr 21 03:39 stdout.log
-rw-r--r-- 1 root root 0 Apr 21 03:39 top_dns.log
-rw-r--r-- 1 root root 6.1M Apr 21 12:22 weird.log
-rw-r--r-- 1 root root 1.3K Apr 21 02:26 x509.log
[raub@testcentos log]$

But now I broke mail summary:

# Mail connection summary reports each log rotation interval. A value of 1
# means mail connection summaries, and a value of 0 means do not mail
# connection summaries. This option has no effect if the trace-summary
# script is not available.
MailConnectionSummary = 1