1aide(1) General Commands Manual aide(1)
2
6 aide - Advanced Intrusion Detection Environment
7
9 aide [parameters] command
10
12 aide is an intrusion detection system for checking the integrity of
13 files.
14
17 --check, -C
18 Checks the database for inconsistencies. You must have an ini‐
19 tialized database to do this. This is also the default command.
20 Without any command aide does a check.
21 --init, -i
23 Initialize the database. You must initialize a database and move
24 it to the appropriate place before you can use the --check com‐
25 mand.
26 --update, -u
28 Checks the database and updates the database non-interactively.
29 The input and output databases must be different.
30 --compare
32 Compares two databases. They must be defined in configfile with
33 database=<url> and database_new=<url>.
34 --config-check, -D
36 Stops after reading in the configuration file. Any errors will
37 be reported. If aide was compiled with the "--with-dbhmackey"
38 option, a hash for the config file will be calculated. See the
39 aide manual for more information.
40
42 --config=configfile , -c configfile
43 Configuration is read from file configfile instead of
44 "./aide.conf". Use '-' for stdin.
45 --before="configparameters" , -B "configparameters"
47 These configparameters are handled before the reading of the
48 configuration file. See aide.conf (5) for more details on what
49 to put here.
50 --after="configparameters" , -A "configparameters"
52 These configparameters are handled after the reading of the con‐
53 figuration file. See aide.conf (5) for more details on what to
54 put here.
55 --verbose=verbosity_level,-Vverbosity_level
57 Controls how verbose aide is. Value must [0-255]. The default is
58 5. With no argument Value is set to 20. This parameter overrides
59 the value set in a configuration file.
60 --report=reporter,-r reporter
62 reporter is a URL which tells aide where to send it's output.
63 See aide.conf (5) section URLS for available values.
64 --version,-v
66 aide prints out its version number
67 --help,-h
69 Prints out the standard help message.
70
72 Normally, the exit status is 0 if no errors occurred. Except when the
73 --check command was requested, in which case the exit status is defined
74 as:
75 1 * (new files detected?) +
77 2 * (removed files detected?) +
79 4 * (changed files detected?)
81 Additionally, the following exit codes are defined for generic error
83 conditions:
84 14 Error writing error
86 15 Invalid argument error
88 16 Unimplemented function error
90 17 Invalid configureline error
92 18 IO error
94 19 Version mismatch error
96
98 Please note that due to mmap issues, aide cannot be terminated with
99 SIGTERM. Use SIGKILL to terminate.
100
102 /etc/aide.conf Default aide configuration file. /var/lib/aide.db
103 Default aide database. /var/lib/aide.db.new Default aide output data‐
104 base.
105
107 aide.conf(5) http://www.cs.tut.fi/~rammer/aide/manual.html
108
110 There are probably bugs in this release. Please report them at
111 http://sourceforge.net/projects/aide . Bug fixes are more than welcome.
112 Unified diffs are preferred.
113
115 All trademarks are the property of their respective owners. No animals
116 were harmed while making this webpage or this piece of software.
117 Although some pizza delivery guy's feelings were hurt.
118 aide(1)