README.md 1.28 KB
Newer Older
M33's avatar
M33 committed
1
# aideCheck.sh
M33's avatar
M33 committed
2

M33's avatar
M33 committed
3
A simple script to filter AIDE (Advanced Intrusion Detection Environment https://github.com/aide/aide) checks in a cron job, and reduce sysadmin overhead.
M33's avatar
M33 committed
4
5

Result:
M33's avatar
M33 committed
6
- Send an email alert if MAIL recipient is set, only if AIDE find something wrong
M33's avatar
M33 committed
7
- Return 1 if AIDE find something wrong
M33's avatar
M33 committed
8
- May run ```aide --update``` after execution, to update the database and avoid multiple alerts (disabled by default)
M33's avatar
M33 committed
9

M33's avatar
M33 committed
10
11
12

## Prerequisite

M33's avatar
M33 committed
13
You will need [aide]( https://github.com/aide/aide) of course, use yum or apt to get it from your linux distribution repostiory. [Help on aide is available here](https://aide.github.io).
M33's avatar
M33 committed
14

M33's avatar
M33 committed
15
16
And the ```mutt``` command line mail tool to send summary reports (likely installed on your system, or available on the repository)

M33's avatar
M33 committed
17

M33's avatar
M33 committed
18
## Installation with assisted configuration
M33's avatar
M33 committed
19

M33's avatar
M33 committed
20
Use wget (or curl) to download the installer script, and run it
M33's avatar
M33 committed
21
```
M33's avatar
M33 committed
22
wget https://git.qoto.org/m33/aideCheck-sh/-/raw/master/install.sh
M33's avatar
M33 committed
23
24
./install.sh
```
M33's avatar
M33 committed
25

M33's avatar
M33 committed
26
27
And follow asked questions, this will setup aideCheck.sh and install it to ```
/usr/local/bin/```
M33's avatar
M33 committed
28
29


M33's avatar
M33 committed
30
## Manual installation
M33's avatar
M33 committed
31

M33's avatar
M33 committed
32
Get aideCheck.sh
M33's avatar
M33 committed
33
```
M33's avatar
M33 committed
34
git clone https://git.qoto.org/m33/aideCheck-sh
M33's avatar
M33 committed
35
36

```
M33's avatar
M33 committed
37
or
M33's avatar
M33 committed
38
```
M33's avatar
M33 committed
39
wget https://git.qoto.org/m33/aideCheck-sh/-/raw/master/aideCheck.sh
M33's avatar
M33 committed
40
```
M33's avatar
M33 committed
41
42

Edit the aideCheck.sh configuration header, copy the script where you like.