Dave, One option would be to run aide twice with two different databases. One database for critical "page me" files, and the other for "warn me" files.
Alternatively, you could write a script that parses aide's stdout and then does different things based on what files changed, but I'd just go with option 1. Regards, Keith Constable On Jul 5, 2013, at 2:27 PM, Dave Shevett <shev...@pobox.com> wrote: > Hey folks, we have aide up and running across our envrionment. We're > using it as a 'change notification system' as well as an IDS, so we get > mail notices whenver someone changes a configuration file on a > production host, etc etc. > > What we'd like to do is say "See these files? Tell us when they change, > but don't raise an alert. ANything else? Page us." - I have a script > doing most of the work now, so I can do things like check exit values, etc. > > Is there any way to tell aide 'changes other than changes to these > files? throw an error or set an exit code of X' > > Thanks! > > -d > _______________________________________________ > Aide mailing list > Aide@cs.tut.fi > https://mailman.cs.tut.fi/mailman/listinfo/aide
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ Aide mailing list Aide@cs.tut.fi https://mailman.cs.tut.fi/mailman/listinfo/aide
