bruno xxx - 2009-09-11

Inside my policy I put a line like :
/appli//logs   -> $(Growing)
I apply this policy, reinit the database and to test I add some addtionnal lines inside /appli/logs/jonas.log file (this file already exists). After I create a new file inside /appli/logs called test.log.
After that I scan with tripwire and I have Total violations found : 2 (one for the creation of the new file test.log and one for the modification of jonas.log).
I don't understand why because for me I want : Total violations found : 0 because It's not a violation if jonas.log grows and it's not a violation too if a new file is created inside this directory (exemple of new file cause by rotation log).
Is someone know why tripwire gives me 2 total violation and how to configure it in this case ?