aide(1) - Advanced Intrusion Detection Environment

petulia3478

aide(1)			    General Commands Manual		       aide(1)



NAME
       aide - Advanced Intrusion Detection Environment

SYNOPSIS
       aide [parameters] command

DESCRIPTION
       aide  is	 an  intrusion	detection system for checking the integrity of
       files.


COMMANDS
       --check, -C
	      Checks the database for inconsistencies. You must have  an  ini‐
	      tialized	database to do this. This is also the default command.
	      Without any command aide does a check.

       --init, -i
	      Initialize the database. You must initialize a database and move
	      it  to the appropriate place before you can use the --check com‐
	      mand.

       --update, -u
	      Checks the database and updates the database  non-interactively.
	      The input and output databases must be different.

       --compare
	      Compares	two databases. They must be defined in configfile with
	      database=<url> and database_new=<url>.

       --config-check, -D
	      Stops after reading in the configuration file. Any  errors  will
	      be  reported.   If aide was compiled with the "--with-dbhmackey"
	      option, a hash for the config file will be calculated.  See  the
	      aide manual for more information.

PARAMETERS
       --config=configfile , -c configfile
	      Configuration   is   read	  from	 file  configfile  instead  of
	      "./aide.conf". Use '-' for stdin.

       --before="configparameters" , -B "configparameters"
	      These configparameters are handled before	 the  reading  of  the
	      configuration  file.  See aide.conf (5) for more details on what
	      to put here.

       --after="configparameters" , -A "configparameters"
	      These configparameters are handled after the reading of the con‐
	      figuration  file.	 See aide.conf (5) for more details on what to
	      put here.

       --verbose=verbosity_level,-Vverbosity_level
	      Controls how verbose aide is. Value must [0-255]. The default is
	      5. With no argument Value is set to 20. This parameter overrides
	      the value set in a configuration file.

       --report=reporter,-r reporter
	      reporter is a URL which tells aide where to  send	 it's  output.
	      See aide.conf (5) section URLS for available values.

       --version,-v
	      aide prints out its version number

       --help,-h
	      Prints out the standard help message.

DIAGNOSTICS
       Normally,  the  exit status is 0 if no errors occurred. Except when the
       --check command was requested, in which case the exit status is defined
       as:

       1 * (new files detected?)     +

       2 * (removed files detected?) +

       4 * (changed files detected?)

       Additionally,  the  following  exit codes are defined for generic error
       conditions:

       14 Error writing error

       15 Invalid argument error

       16 Unimplemented function error

       17 Invalid configureline error

       18 IO error

       19 Version mismatch error

NOTES
       Please note that due to mmap issues, aide  cannot  be  terminated  with
       SIGTERM. Use SIGKILL to terminate.

FILES
       /etc/aide.conf	Default	 aide  configuration  file.   /var/lib/aide.db
       Default aide database.  /var/lib/aide.db.new Default aide output	 data‐
       base.

SEE ALSO
       aide.conf(5) http://aide.sourceforge.net/stable/manual.html

BUGS
       There  are  probably  bugs  in  this  release.  Please  report  them at
       http://sourceforge.net/projects/aide . Bug fixes are more than welcome.
       Unified diffs are preferred.

DISCLAIMER
       All trademarks are the property of their respective owners.  No animals
       were harmed while making	 this  webpage	or  this  piece	 of  software.
       Although some pizza delivery guy's feelings were hurt.



								       aide(1)