error opening /var/ossec/logs/active-responses.log: Permission denied

Symptoms

A notification email from Anacron job 'cron.daily' containing the error:

/etc/cron.daily/logrotate:

error: error opening /var/ossec/logs/active-responses.log-{date}: Permission denied

Description 

The cause of the error is logrotated being unable to read or modify the mentioned log file. This is caused by the log file being owned by the 'root' user rather than the 'ossec' user:

[/var/ossec/logs]cPs# ll
total 12572
-rw-rw-r-- 1 ossec ossec 4531 Jan 10 06:22 active-responses.log
-rw-r--r-- 1 root ossec 7872 Oct 26 2019 active-responses.log-20191027
-rw------- 1 ossec ossec 78368 Nov 3 2019 active-responses.log-20191103
-rw-rw-r-- 1 ossec ossec 92348 Nov 10 2019 active-responses.log-20191110

The issue appears to affect systems with Imunify360 originally installed prior to October 2019.

Workaround

The error will output the affected file. To correct the issue, change the ownership to 'ossec', using the file specified in the email:

# chown ossec /var/ossec/logs/active-responses.log-20191027