ArcSight ESM Logs Tar Script
This script will TAR up all the logs in the manager logs default directory and move them to /opt/arcsight/logger/data/archives/arcsight_esm_server_logs_archive/ directory, it will delete files older than 14 days. Inside the script instructs you how to set up a CRONTAB. Backing up three times a day is helpful because otherwise if you have an issue the logs can be written over for that day. Also the ability to go back and look at older logs is very helpful.