Where are the Event Log Caching directories?
SUMMARY
Aug 21, 2015
The event log storage locations for the following agents are listed below:
Snare for Windows: There is no file cache; instead, the Windows Event Log is used as a cache.
Epilog for Windows: The installation directory, which defaults to c:\program files\epilog\
Snare for Solaris: /etc/security/snare/
Epilog for Unix: /etc/snare/cache
Please note that the log locations will only exist on shutdown of the agent.