"aide --check " compares the file system to the aide database and gives you a report of changed and added and deleted files.
Are you using an OS packaged version of AIDE? AIDE itself produces no daily report. You should only --init a new database once you've validated all changes reported by the --check run. What protections do you have in place to ensure that the AIDE binaries and database aren't compromised by an intruder? Regards, Keith On Thursday, April 21, 2016, LIJE Creative <i...@lije-creative.com> wrote: > Hi guys, > > Like you, I'm a user of AIDE but I need a hand about the configuration. > > I'm getting the daily aide report. It contains the 1000 first lines of the > log file. > > [image: Images intégrées 1] > > Do you know if there is a way to get only the list of newly added entries > (difference between the new and old database) and the changed entries? > Everyday, I'm getting these 330k new added entries so I can't check if > anything is messed up. > > I'm running AIDE on my /var/www folder to check newly added files from my > clients or hackers. > > Thanks > > > Jérôme LILLE | Responsable Agence > i...@lije-creative.com > <javascript:_e(%7B%7D,'cvml','i...@lije-creative.com');> | +33 7 70 87 02 > 03 > Site internet : www.lije-creative.com > ᐧ >
_______________________________________________ Aide mailing list Aide@cs.tut.fi https://mailman.cs.tut.fi/mailman/listinfo/aide