Hi OSSEC group,
I’m trying to monitor several AIX servers with an OSSEC server. I’ve cloned the ssh_integrity_check_linux to a new ssh_integrity_check_aix to change the line:
send "echo \"INFO: Starting.\"; for i in `find $args 2>/dev/null`;do tail \$i >/dev/null 2>&1 && md5=`csum -h MD5 \$i | cut -d \" \" -f 1` && sha1=`csum -h SHA1 \$i | cut -d \" \" -f 1` && echo FWD: `istat \$i`:\$md5:\$sha1 \$i; done; exit\r"
Have anyone tried it before? I’m on the right path?
Thanks,
Javier A. Nieto Salcedo
Gerencia de Análisis Informático
Vicepresidencia de Control
Telf: 58 (0212)955.42.24