Hey guys, just installed Tripwire opensource for linux. http://www.tripwire.org

I'm not exactly sure how to use this thing...

tripwire --help shows me commands.
tripwire --init builds the initial database
tripwire --check seems to check the DB, but returns all kindsa errors about certian files not found, and then once the test is over spews a buncha output all over that scrolls off the screen (no X on this box)

I'll try tripwire --check >> testfile to see if I can send the output in there...

so. once I figure this all out, how do you guys use tripwire? do people typically put it in a cronjob and check the '--check' output daily? is there a way to set alarms or something?

just wondering. first time. :)

Alright, I see that files like /bin/bash2 /bin/view... and stuff are not being found.

I'm running Slack8. I assume that my paths are just different than what tripwire is used to... wonder if there is a way to fix that...

and directing the output >> to a different files helped that out.

though, i have not used it yet i plan to start with it this week. What are all the error recieving? If its just a matter of a couple things not being found, try just making symlinks to those files where tripwire expects them .. hope this helps some ..
*Vagrant

check the /var/mail/root file.
Tripewire will email the root account of misconfigurations its finds.

/etc/cron.daily/tripwire-check:

**** Error: Tripwire database for firewall not found. ****
**** Run /etc/tripwire/twinstall.sh and/or tripwire --init. ****