Moss, Adam David
2016-05-22 08:17:38 UTC
Hi,
I have AIDE running under CentOS and an getting some noise in the output.
Can you please advise what would be the best modification to take in
/etc/aide/aide.conf to resolve this?
I know I could just !/var/log/xxx but that doesn't seem like the "best"
answer.
Thanks,
Adam M.
Total number of files: 46586
Added files: 17
Removed files: 2
Changed files: 13
---------------------------------------------------
Added files:
---------------------------------------------------
added: /var/log/audit/audit.log.1
added: /var/log/cron-20160522
added: /var/log/fail2ban.log-20160522.gz
added: /var/log/maillog-20160522
added: /var/log/messages-20160522
added: /var/log/nginx/access.log-20160519.gz
added: /var/log/nginx/access.log-20160520.gz
added: /var/log/nginx/access.log-20160521.gz
added: /var/log/nginx/access.log-20160522
added: /var/log/nginx/error.log-20160519.gz
added: /var/log/nginx/error.log-20160520.gz
added: /var/log/nginx/error.log-20160521.gz
added: /var/log/nginx/error.log-20160522
added: /var/log/rkhunter/rkhunter.log-20160522
added: /var/log/secure-20160522
added: /var/log/spooler-20160522
added: /var/log/wpa_supplicant.log-20160521
---------------------------------------------------
Removed files:
---------------------------------------------------
removed: /var/log/nginx/access.log-20160519
removed: /var/log/nginx/error.log-20160519
---------------------------------------------------
Changed files:
---------------------------------------------------
changed: /var/log/audit/audit.log
changed: /var/log/cron
changed: /var/log/fail2ban.log
changed: /var/log/lastlog
changed: /var/log/maillog
changed: /var/log/messages
changed: /var/log/nginx/access.log
changed: /var/log/nginx/error.log
changed: /var/log/rkhunter/rkhunter.log
changed: /var/log/rkhunter/rkhunter.log.old
changed: /var/log/secure
changed: /var/log/spooler
changed: /var/log/wpa_supplicant.log
I have AIDE running under CentOS and an getting some noise in the output.
Can you please advise what would be the best modification to take in
/etc/aide/aide.conf to resolve this?
I know I could just !/var/log/xxx but that doesn't seem like the "best"
answer.
Thanks,
Adam M.
Total number of files: 46586
Added files: 17
Removed files: 2
Changed files: 13
---------------------------------------------------
Added files:
---------------------------------------------------
added: /var/log/audit/audit.log.1
added: /var/log/cron-20160522
added: /var/log/fail2ban.log-20160522.gz
added: /var/log/maillog-20160522
added: /var/log/messages-20160522
added: /var/log/nginx/access.log-20160519.gz
added: /var/log/nginx/access.log-20160520.gz
added: /var/log/nginx/access.log-20160521.gz
added: /var/log/nginx/access.log-20160522
added: /var/log/nginx/error.log-20160519.gz
added: /var/log/nginx/error.log-20160520.gz
added: /var/log/nginx/error.log-20160521.gz
added: /var/log/nginx/error.log-20160522
added: /var/log/rkhunter/rkhunter.log-20160522
added: /var/log/secure-20160522
added: /var/log/spooler-20160522
added: /var/log/wpa_supplicant.log-20160521
---------------------------------------------------
Removed files:
---------------------------------------------------
removed: /var/log/nginx/access.log-20160519
removed: /var/log/nginx/error.log-20160519
---------------------------------------------------
Changed files:
---------------------------------------------------
changed: /var/log/audit/audit.log
changed: /var/log/cron
changed: /var/log/fail2ban.log
changed: /var/log/lastlog
changed: /var/log/maillog
changed: /var/log/messages
changed: /var/log/nginx/access.log
changed: /var/log/nginx/error.log
changed: /var/log/rkhunter/rkhunter.log
changed: /var/log/rkhunter/rkhunter.log.old
changed: /var/log/secure
changed: /var/log/spooler
changed: /var/log/wpa_supplicant.log