On Thu, Dec 11, 2003 at 12:44:27PM +0100, DI Peter Burgstaller wrote: > > I'm trying to use aide now as well .. but with the default debian > config .. it produces > every day massive changes .. especially to the /var/log/* files due to > logrotate. > > Any reasonable settings that account for that?
Peter Solobov has provided valuable suggestions. What I would like to add is that in my opinion you shouldn't try to eliminate all occurances of reports about expected file changes. Instead let AIDE complain and utilize some mechanism to sort the report entries according to their importance. For example, you could create a script which reorders the report so that changes made to files under /usr/bin come first, then modifications detected in /etc and finally any activity in the /var hierarchy. If you're smart enough the output could be colorized as well. bit, adam -- Am I a cleric? | 1024D/37B8D989 Or maybe a sinner? | 954B 998A E5F5 BA2A 3622 Unbeliever? | 82DD 54C2 843D 37B8 D989 Renegade? | http://pgpkeys.mit.edu -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
