Hi, I was wondering if there was a way to setup email notification.
If I run tripwire from a cron-script with the --email-report option I get an email every time it is run. I don't like to have to read all these emails, especially for the number of systems I manage.
However, if I merely run tripwire --check, despite the fact that I have an (emailto="") rule surrounding a test file in my tripwire policy, tripwire does not email me about the changes to these files. I could
parse tripwire's report with my own script and email myself if I detect a change, but I would think tripwire would have an easier way to do this.
Does anyone know of any?
Please let me know if you do.
Rohit Kumar Mehta
Yeah, you need to pass -M on the command line for the integrity check.
I go tripwire --check -M
That doesn't work. I get an email even if I have 0 violations.
Here is my col file:
MAILPROGRAM =/usr/sbin/sendmail -oi -t
You see that line in your configuration file that looks like this:
that is doing what it says it's doing, namely emailing you a report even when you have no violations :-)
Set that to false, and you'll only get an email when there are violations.
Sign up for the SourceForge newsletter:
You seem to have CSS turned off.
Please don't fill out this field.