[Aide] AIDE under CentOS - Advice to remove noise

Moss, Adam David admoss1980 at gmail.com
Sun May 22 11:17:38 EEST 2016


Hi,

I have AIDE running under CentOS and an getting some noise in the output.
Can you please advise what would be the best modification to take in
/etc/aide/aide.conf to resolve this?

I know I could just !/var/log/xxx but that doesn't seem like the "best"
answer.

Thanks,


Adam M.

  Total number of files:    46586
  Added files:            17
  Removed files:        2
  Changed files:        13


---------------------------------------------------
Added files:
---------------------------------------------------

added: /var/log/audit/audit.log.1
added: /var/log/cron-20160522
added: /var/log/fail2ban.log-20160522.gz
added: /var/log/maillog-20160522
added: /var/log/messages-20160522
added: /var/log/nginx/access.log-20160519.gz
added: /var/log/nginx/access.log-20160520.gz
added: /var/log/nginx/access.log-20160521.gz
added: /var/log/nginx/access.log-20160522
added: /var/log/nginx/error.log-20160519.gz
added: /var/log/nginx/error.log-20160520.gz
added: /var/log/nginx/error.log-20160521.gz
added: /var/log/nginx/error.log-20160522
added: /var/log/rkhunter/rkhunter.log-20160522
added: /var/log/secure-20160522
added: /var/log/spooler-20160522
added: /var/log/wpa_supplicant.log-20160521

---------------------------------------------------
Removed files:
---------------------------------------------------

removed: /var/log/nginx/access.log-20160519
removed: /var/log/nginx/error.log-20160519

---------------------------------------------------
Changed files:
---------------------------------------------------

changed: /var/log/audit/audit.log
changed: /var/log/cron
changed: /var/log/fail2ban.log
changed: /var/log/lastlog
changed: /var/log/maillog
changed: /var/log/messages
changed: /var/log/nginx/access.log
changed: /var/log/nginx/error.log
changed: /var/log/rkhunter/rkhunter.log
changed: /var/log/rkhunter/rkhunter.log.old
changed: /var/log/secure
changed: /var/log/spooler
changed: /var/log/wpa_supplicant.log
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mailman.cs.tut.fi/pipermail/aide/attachments/20160522/e3584b67/attachment-0001.html>


More information about the Aide mailing list