OSSEC HIDS v3.5.0 has been running but now ossec-analysisd fails. Not running but there is still a .pid file in /var/ossec/var/run for it.
ossec-init.conf;
DIRECTORY="/var/ossec"
VERSION="3.5.0"
TYPE="server"
Linux 3.10.0-1160.31.1.el7.x86_64
ossec-analysisd(1107): ERROR: Could not create directory '/logs/archive/2022/' due to [(2) - (No such file or directory)]
I have over 40 agents that have been working so I don't want to completely re-install if I can avoid it!
analysisd /logs/archive/2022 No such file or directory
Re: analysisd /logs/archive/2022 No such file or directory
Stop the ossec-hids process and then rm the pid file and restart the service. See if that kicks it into gear.