"aide --check " compares the file system to the aide database and gives you
a report of changed and added and deleted files.

Are you using an OS packaged version of AIDE? AIDE itself produces no daily
report.

You should only --init a new database once you've validated all changes
reported by the --check run.

What protections do you have in place to ensure that the AIDE binaries and
database aren't compromised by an intruder?

Regards,
Keith


On Thursday, April 21, 2016, LIJE Creative <i...@lije-creative.com> wrote:

> Hi guys,
>
> Like you, I'm a user of AIDE but I need a hand about the configuration.
>
> I'm getting the daily aide report. It contains the 1000 first lines of the
> log file.
>
> [image: Images intégrées 1]
>
> Do you know if there is a way to get only the list of newly added entries
> (difference between the new and old database) and the changed entries?
> Everyday, I'm getting these 330k new added entries so I can't check if
> anything is messed up.
>
> I'm running AIDE on my /var/www folder to check newly added files from my
> clients or hackers.
>
> Thanks
>
>
> Jérôme LILLE | Responsable Agence
> i...@lije-creative.com
> <javascript:_e(%7B%7D,'cvml','i...@lije-creative.com');> | +33 7 70 87 02
> 03
> Site internet : www.lije-creative.com
> ᐧ
>
_______________________________________________
Aide mailing list
Aide@cs.tut.fi
https://mailman.cs.tut.fi/mailman/listinfo/aide

Reply via email to