alphasoc / nfr

A lightweight tool to score network traffic and flag anomalies
https://alphasoc.com

Review default paths #37

Closed ioj closed 7 years ago

ioj commented 7 years ago

Make sure that the default locations of the config and log files make sense. This one, for example, doesn't: https://github.com/alphasoc/namescore/blob/develop/config/config.go#L18

mmazur commented 7 years ago

Yeah, half of those are bad.

  1. NO idea what 'follow' is, so can't comment.
  2. namescore.log shouldn't exist, that's what the journal is for (but that's a separate issue).
  3. namescore.toml is fine.
  4. 'failedquerisdir' sounds like something that should be under /var/lib/alphasoc/namescore.
  5. whitelist needs to be named 'namescore-whitelist' or something, to make sure there aren't any future filename conflicts.

ioj commented 7 years ago

Regarding (2), namescore puts its "normal" logs in syslog. namescore.log contains the actual security alerts, in CSV format. The idea for a namescore MVP was to provide a feed which is easy to process by 3rd-party scripts, which can escalate alerts further to ticketing systems specific to given environments, etc.

We have a proper customer dashboard on our roadmap (along with proper 3rd-party integrations, etc.), but it's not going to happen in the coming weeks.

mmazur commented 7 years ago

In that case, I'm closing the case and the file should just be renamed and put somewhere else. I'll figure out the paths for everything and get back to you.