Monday, October 8, 2012

Monitor System with AIDE and SAR

AIDE (Advanced Intrusion Detection Environment) is a tool that checks the integrity of files on the system.


Steps to deploy AIDE
1. Install the aide package.
2. Customize /etc/aide.conf to your preference.
3. Run /usr/sbin/aide --init to build the initial database.
4. Store /etc/aide.conf, /usr/sbin/aide and /var/lib/aide/aide.db.new.gz in a secure location.
5. Copy /var/lib/aide/aide.db.new.gz to /var/lib/aide/aide.db.gz.
6. Run the check with # aide --check

The result is displayed or saved to /var/log/aide/aide.log by default.
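
An added example (not from the original post): a shell wrapper that records SHA-256 hashes of the configuration, binary and database from the steps above and refuses to run aide --check if any of them has changed. The function names, the AIDE_FILES variable and the manifest location are assumptions; keep the manifest with the copies stored in step 4.

```shell
#!/bin/sh
# Added example: hash the AIDE files from step 4 and verify them before a check.
# Assumption: the manifest is kept on read-only or offline media.

# Config, binary and database paths from the steps above; override for testing.
AIDE_FILES="${AIDE_FILES:-/etc/aide.conf /usr/sbin/aide /var/lib/aide/aide.db.gz}"

# record_baseline MANIFEST: write SHA-256 hashes of the AIDE files to MANIFEST.
record_baseline() {
    # Word splitting of the space-separated list is intentional.
    sha256sum $AIDE_FILES > "$1"
}

# verify_baseline MANIFEST: 0 if all files match, 1 on mismatch, 2 if no manifest.
verify_baseline() {
    if [ ! -s "$1" ]; then
        echo "manifest missing or empty: $1" >&2
        return 2
    fi
    sha256sum -c "$1" >/dev/null 2>&1 || return 1
}

# checked_aide MANIFEST: run aide --check only if config, binary and DB are intact.
checked_aide() {
    if ! verify_baseline "$1"; then
        echo "AIDE config, binary or database changed; not running the check" >&2
        return 1
    fi
    /usr/sbin/aide --check
}

# Usage: script record MANIFEST (after step 5), script check MANIFEST (step 6).
case "${1:-}" in
    record) record_baseline "$2" ;;
    check)  checked_aide "$2" ;;
esac
```

A failed verification means the report from aide --check cannot be trusted until the files are restored from the secure copies.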


System Activity Report

Install the sysstat package.
Run # sar -A to display all information collected.
Run # sar -u 2 5 to display five samples of system CPU usage at 2-second intervals.

1 comment:

  1. Thanks for sharing, nice post! Post really provides useful information!
