[Aide] Best Practices
Healy, Trent X -ND
Trent.X.Healy.-ND at dig.com
Wed May 10 02:45:52 EEST 2006
Scratch that I figured it out. Still the addition to look into a
decrease in size would be nice for specific files.
Sorry for the email all.
-T
________________________________
From: aide-bounces at cs.tut.fi [mailto:aide-bounces at cs.tut.fi] On Behalf
Of Healy, Trent X -ND
Sent: Tuesday, May 09, 2006 4:09 PM
To: aide at cs.tut.fi
Subject: [Aide] Best Practices
Hi,
Implementing Aide currently to look at a dynamic log directory that is
continuously growing.
Currently the logs will go from log.1 to log.255, so that last log is
always growing and being appended to by the application.
The last log will stop at around 1gb and then it will create a new one
in sequential order, gzip the last log and this action keeps on going.
I need to be able to make sure all current logs are not tampered with
and also not have a huge report when new log files get created.
When using tripwire I used the $(Dynamic) and the $(Growing) variable,
but I am unsure of what to use with Aide.
This is similar to monitoring the /var/log files on a unix system. Does
any one have a good approach to combat this issue?
I would ideally like to ignore an increase in the log files but report a
decrease. Is that possible with Aide? I was reading the manual but don't
see something like this.
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://mailman.cs.tut.fi/pipermail/aide/attachments/20060509/0e851be5/attachment-0001.html
More information about the Aide
mailing list