Difference between revisions of "ASL file integrity"
From Atomicorp Wiki
(Created page with " watch : this is the initial token used to define that this is a watch config directory: a full path to the directory to watch, eg: /etc realtime: a y or n condition. ...") |
Latest revision as of 14:11, 30 July 2011
watch : this is the initial token used to define that this is a watch config directory: a full path to the directory to watch, eg: /etc realtime: a y or n condition. This sets the watched directory to be watched for changes in real-time check_all: a y or no condition. This enables all checks on the directory. If this is y then check_sum/check_sha1sum/check_md5sum/check_size/check_owner/check_group/check_perm are skipped. They should not be shown in the interface. (grey out) check_sum: a y or n condition. This enables md5 and sha1sum checksum checking. check_sha1sum: a y or n condition. This enables just sha1sum checks check_md5sum: a y or n condition. This enables just md5 checks check_size: a y or n condition. This enables the file size checks check_owner: a y or n condition. This enables the owner checks check_group: a y or n condition. This enables the group checks report_changes: a y or n condition. When enabled this will send a diff of the content changes for files monitored in the alert. Very useful for watching web dirs restrict: an <sregex> condition. It restricts the watch to just specific files or globs. Example: .php|.js|.html would limit a watch on /var/www/html/ to just file changes on *.php, *.js and *.html