Re: [Aide] Need help with AIDE configuration

2016-04-25 Thread LIJE Creative
Hi guys, It's working better with the last tweaks I did on the cron conf file. Thanks Keith and Hannes about that. Also, I wanted to ask how to exclude folders with a wild card? Currently, I got a lot of ispconfig websites and a lot of sessions files generated in the /tmp/ folder of every

Re: [Aide] Need help with AIDE configuration

2016-04-23 Thread LIJE Creative
Hi, I tweaked /etc/default/aide as requested. The db seems to be copied now. AIDE returned with exit code 5. Added and changed entries detected! AIDE post run information output database /var/lib/aide/aide.db.new was copied to /var/lib/aide/aide.db as requested by cron job configuration End of

Re: [Aide] Need help with AIDE configuration

2016-04-22 Thread Richard van den Berg
On 22 Apr 2016, at 12:44, Hannes von Haugwitz wrote: > > If I remember correctly this statement was made by Richard (one of the past > AIDE developers). You're probably right. Cheers, Richard (ex-AIDE developer) ___ Aide

Re: [Aide] Need help with AIDE configuration

2016-04-22 Thread Hannes von Haugwitz
On Fri, Apr 22, 2016 at 07:47:27AM -0400, Keith Constable wrote: > I mentioned protecting the AIDE database and binaries because any results > generated by AIDE are meaningless unless you can verify that an intruder > hasn't modified the binaries and database. That said, I understand certain >

Re: [Aide] Need help with AIDE configuration

2016-04-22 Thread Hannes von Haugwitz
Hi, On Fri, Apr 22, 2016 at 07:47:27AM -0400, Keith Constable wrote: > If you browse the source for AIDE, I doubt you will find references to this > cron script. OS packages often include these sorts of scripts for ease of > use. If I'm wrong, I'm certain Hannes will step in and correct me. Yes,

Re: [Aide] Need help with AIDE configuration

2016-04-22 Thread Keith Constable
The answer to your original question is to run "aide --check". Given a properly initialized database, the output will be exactly what you're looking for. I promise. Based on the screen shot you originally included, it looks to me that your current database is empty. You'll need to move/rename the

Re: [Aide] Need help with AIDE configuration

2016-04-22 Thread LIJE Creative
No, AIDE ouf of the box offers daily report. Once installed, it added me the file: */etc/cron.daily/aide* which sends me a daily report. There is a MAILTO parameter which must be filled to work. CRON_DAILY_RUN="${CRON_DAILY_RUN:-yes}" *MAILTO="x...@xxx.fr "* eval MAILTO="$MAILTO"

[Aide] Need help with AIDE configuration

2016-04-21 Thread LIJE Creative
Hi guys, Like you, I'm a user of AIDE but I need a hand about the configuration. I'm getting the daily aide report. It contains the 1000 first lines of the log file. [image: Images intégrées 1] Do you know if there is a way to get only the list of newly added entries (difference between the