Yum Install aide-y//epel
CP/ETC/AIDE.CONF{,.BK}
/etc/aide.conf//config file
#初始化监控数据库 (This takes some time)
/usr/sbin/aide-c/etc/aide.conf-i
#把当前初始化的数据库作为开始的基础数据库
Cp/var/lib/aide/aide.db.new.gz/var/lib/aide/aide.db.gz
#如果是正常的改动 update changes to the underlying database
Aide-u
cd/var/lib/aide/
#覆盖替换旧的数据库
MV Aide.db.new.gz aide.db.gz
#在终端中查看检测结果
Aide-c
#检查文件改动 Save to File
Aide-c--report=file:/tmp/aide-report-' date +%y%m%d '. txt
#定时任务执行aide检测报告和自动邮件发送aide检测报告
Crontab-e
XX * * */usr/sbin/aide-c | /bin/mail-s "AIDE Report $ (date +%y%m%d)" Root@localhost
Common errors
Aide error on starting PreLink undo
PRELINK-A//or modify the configuration file, not to monitor the system of those complex 7788 of files/directories
============================
Just see the former colleague is writing this, I also test.
GLQ = MD5
/home/wwwroot/showshowbaby.com/glq
Using aide to do Linux advanced intrusion detection file monitoring