HPE Community
Operating System - HP-UX
1834449 Members
2526 Online
110067 Solutions
New Discussion

Tracking changes to system files...

 
SOLVED
Go to solution
Kevin Westover
Advisor

‎10-27-2003 04:47 AM

‎10-27-2003 04:47 AM

Tracking changes to system files...

Is anyone aware of a good software package that will monitor and track changes to system files, configuration scripts, kernel parameters, file system sizes, etc? Something that could show before and after information for any changes that are made to the system. Thanks.
0 Kudos
Reply
5 REPLIES 5
Paddy_1
Valued Contributor

‎10-27-2003 04:51 AM

‎10-27-2003 04:51 AM

Solution

Re: Tracking changes to system files...

See if any of the tools mentioned here will work for you.

http://www.stokely.com/unix.sysadm.resources/autosysmgm.backup.html

The sufficiency of my merit is to know that my merit is NOT sufficient
Reply
Steven E. Protter
Exalted Contributor

‎10-27-2003 04:53 AM

‎10-27-2003 04:53 AM

Re: Tracking changes to system files...

Tripwire is the way to go here. Its designed specifically for this purpose. Its built into recent Red Hat distributions.

http://sourceforge.net/project/showfiles.php?group_id=3130

I don't know of anyone that built hp depots so this is something you want to obtain and compile.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Reply
Keith Buck
Respected Contributor

‎10-27-2003 05:09 AM

‎10-27-2003 05:09 AM

Re: Tracking changes to system files...

Depending on what you're trying to do, you might also consider HIDS

http://software.hp.com/portal/swdepot/displayProductInfo.do?productNumber=J5083AA

It will tell you when something changed and send you an alert.

On the other hand, if you're just trying to track authorized changes made by you or other admins, you might use a source control system, such as RCS or CVS.

The key is to know what threats you are concerned about. (mistakes and tracking down what changed vs. malicious break-ins)

-Keith
Reply
Garry Ferguson
Frequent Advisor

‎10-28-2003 02:03 AM

‎10-28-2003 02:03 AM

Re: Tracking changes to system files...

Kevin,

I run a daily cron script to list any changes to system software. eg added s/w or patches. It doesn't do all you might require
but it could be used as a start.
I've attached the script. It runs on a RedHat
machine - ravel.

Garry
0 Kudos
Reply
Geoff Wild
Honored Contributor

‎10-28-2003 03:36 AM

‎10-28-2003 03:36 AM

Re: Tracking changes to system files...

You can try:

http://www.cfengine.org/

What is Cfengine?
Cfengine, or the configuration engine is an autonomous agent and a middle to high level policy language for building expert systems which administrate and configure large computer networks. Cfengine uses the idea of classes and a primitive intelligence to define and automate the configuration and maintenance of system state, for small to huge configurations. Cfengine is designed to be a part of a computer immune system, and can be thought of as a gaming agent. It is ideal for cluster management and has been adopted for use all over the world in small and huge organizations alike.


Or, take a look at CCMON:

This is a valuable tool to monitor your environment to ensure all nodes are configured equally. You do NOT have to be using MC/ServiceGuard to use it.

http://h40045.www4.hp.com/data/ccmon-service-brief.pdf

Rgds...Geoff
Proverbs 3:5,6 Trust in the Lord with all your heart and lean not on your own understanding; in all your ways acknowledge him, and he will make all your paths straight.
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.