Area51 Users Guide: 
| ||
|---|---|---|
| Prev | Chapter 3. Using | Next |
Tripwire is configured to automatically scan the files on your frontend daily. This is accomplished via cron. To test the tripwire cron script, execute:
# /etc/cron.daily/tripwire |
A Tripwire tab on your cluster's home page will indicate that tripwire is installed.
When the tripwire cron job runs, clicking on the tab will result will bring up the most recent tripwire report and a set of monthly archives of previous reports
When this cron script runs successfully, tripwire sends mail to root (default). The cron script also creates a web page which shows the most recent tripwire report and web-archives of previous reports.
To view the mail message, execute mail, then hit return at the & prompt. You'll see a mail message that looks similar to:
[root@rocks22 root]# mail Mail version 8.1 6/6/93. Type ? for help. "/var/spool/mail/root": 1 message 1 new >N 1 [email protected] Thu May 20 22:37 210/8552 "Tripwire: Daily repor" & Message 1: From [email protected] Thu May 20 22:37:42 2004 X-Original-To: [email protected] Delivered-To: [email protected] Date: Thu, 20 May 2004 22:37:41 GMT From: root <[email protected]> To: [email protected] Subject: Tripwire: Daily report from rocks22.sdsc.edu Parsing policy file: /opt/tripwire/etc/tw.pol *** Processing Unix File System *** Performing integrity check... Wrote report file: /opt/tripwire/db/report/rocks22.sdsc.edu-20040520-223648.twr Tripwire(R) 2.3.0 Integrity Check Report Report generated by: root Report created on: Thu 20 May 2004 10:36:48 PM GMT Database last updated on: Never =============================================================================== Report Summary: =============================================================================== Host name: rocks22.sdsc.edu Host IP address: 127.0.0.1 Host ID: None Policy file used: /opt/tripwire/etc/tw.pol Configuration file used: /opt/tripwire/etc/tw.cfg Database file used: /opt/tripwire/db/rocks22.sdsc.edu.twd Command line used: /opt/tripwire/bin/tripwire --check --cfgfile /opt/ tripwire/etc/tw.cfg |
To have tripwire email its report to a different email address, run the command: rocks set host attr localhost tripwire_mail "address1 [address2]". For example, say you want the tripwire reports to go to [email protected] and root.
# rocks set host attr localhost tripwire_mail "[email protected] root@`hostname`" |
To view the set of addresses for the Tripwire Daily Report:
# rocks list host attr localhost | grep tripwire_mail |