[Aide] Need a bit of help configuring AIDE
Miloska
miloska at gmail.com
Fri Mar 13 16:11:30 EET 2009
> Should I completely ignore those folders or there is some configs I
> could use to still monitor them for major changes without being bothered
> with changes from daily uses?
>
As long as you know what does 'major changes' mean to you it's
possible - but you have to do the configuration yourself.
For example store in log in /etc is generally a bad idea - I know,
this is suggested if you use daemontools on Debian, but it's still not
good. I think in this case you should exclude /etc/tinydns/log/main
directory and you would get alert if /etc/tinydns/run would change.
I'm afraid systems are so different that you have to fine-tune your
aide yourself if you not happy with the default configuration.
At the beginning we spent quite long time to configure them. I'd
recommend you just to set up the system and let it run, than change
the config if your not happy with your result. After 5-10 circle you
will get pretty good output - and you will know more about your
systems.
More information about the Aide
mailing list