1. Change the default email to whatever external mail might be
echo ${EMAIL} >> /root/.forward
2. Logwatch
yum install logwatch
2.1. Edit the conf file /usr/share/logwatch/default.conf/logfiles/cron.conf
Replace line 20
Archive=cron.*
with
Archive=/var/log/cron.*
3. Aide
yum install aide
3.1. Initialize the database
aide --init
3.2. Copy the database to the regular spot
cp /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz
3.3. Add a cron script to run aide daily
/etc/cron.daily/aide.cron
#!/bin/bash
/usr/sbin/aide --check | /bin/mail -s "Daily AIDE check" ${EMAIL}
