Logging and Log File

[cohere-soc]

Hi Experts,

I enabled the default logging within config.yaml, but I'm unable to find the output log file. Are there only specific rules or alerts that trigger logging?

Additionally, I'm looking to integrate the hive and Elastalert. My main reason is to get the hive alert logs in a log file. What is the best way to configure config.yaml to map to hive alerts logs? Looking to integrate something similar to /var/log/elastalert/Hive-Alerts.log as seen in https://securitynotsupported.com/wazuh-alerts-using-elastalert/.

Config File:
logging:
version: 1
incremental: false
disable_existing_loggers: false
formatters:
logline:
format: '%(asctime)s %(levelname)+8s %(name)+20s %(message)s'

handlers:
  console:
    class: logging.StreamHandler
    formatter: logline
    level: DEBUG
    stream: ext://sys.stderr

  file:
    class : logging.FileHandler
    formatter: logline
    level: DEBUG
    filename: elastalert.log

loggers:
  elastalert:
    level: DEBUG
    handlers: []
    propagate: true

  elasticsearch:
    level: WARN
    handlers: []
    propagate: true

  elasticsearch.trace:
    level: WARN
    handlers: []
    propagate: true

  '':  # root logger
    level: WARN
    handlers:
      - console
      - file
    propagate: false