Posted in: Red Hat Enterprise Linux
Hi, I'm currently configuring AIDE to be rolled out on our platform as a substitute for RKHunter. I have a question about establishing a baseline:
I notice that I seem to get a lot of false positives.
As an example:
I would expect that I don't get any messages in my aide.log, but I see them all the time. Of course, one solution would be to exclude the whole /var/log directory, but that's not something I would want.
How can I solve this? Anyone got an idea?