2014-04-24 4:05 GMT-04:00 Richard van den Berg <[email protected]>: > On 24 apr. 2014, at 05:06, Julien T <[email protected]> wrote: > > Most probably a local interface in python and local db cache would be > needed but first if there were some appropriate hook, it would be cool! > > This is pretty easy to script right now. The aide.db is just a flat text > file (perhaps gzipped). All you would need to do is enable the hashes used > by the repositories in aide.conf, and convert them from the representation > in the aide.db to the one used by the repositories. There is some sample > code for that in the aide tgz IIRC. >
I think I was more looking it the other way around: use other hash database to improve aide output classifying or removing. Something like http://blog.rootshell.be/2013/05/13/improving-file-integrity-monitoring-with-ossec/(which is not feasible with current out-of-the-box ossec) in 0.15.1 and 0.16a2, I have the contrib dir: aide-attributes.sh bzip2.sh gpg2_check.sh gpg2_update.sh gpg_check.sh gpg_update.sh sshaide.sh Don't seem there is a conversion script to me. Cheers, Julien
_______________________________________________ Aide mailing list [email protected] https://mailman.cs.tut.fi/mailman/listinfo/aide
