Listing 1 Initial aide.conf

# version number of this configuration file
config_version=v1
# location of the database holding characteristics of file being tracked.
database=file:///AIDE/Work/aide.db
# location of new database when the database is updated because of
# changes in the tracked files or because of a policy change.
database_out=file:///AIDE/Work/aide.db.new
# to add a little more information about the tracked files.
verbose=20
# location of report generated. There can be more than one of these.
# here I am using two one for stdout, and one for a file.
# every action of aide generates a report and it writes over these files each time.
report_url=stdout
report_url=file:///AIDE/Work/check.txt
# this creates a listing of symlinks that are not pointing to existing files.
warn_dead_symlinks=yes
# variable declaration (notice no spaces) specifying characteristics of files being tracked.
ReadOnly=p+i+n+u+g+s+m+md5 
Growing=>
Device=p+u+g+s
# directories whose files are being tracked. Without a ! or a = preceeding the path, the path is treated 
# as a regular expression with .* at the end. A depth first search is done for the list of files.
/bin                  ReadOnly
/boot                 ReadOnly
/dev                  Device
/etc                  ReadOnly
/initrd               ReadOnly
/lib                  ReadOnly
/lost+found           ReadOnly
/misc                 ReadOnly
/mnt                  ReadOnly
/sbin                 ReadOnly
/usr                  ReadOnly
/var/log              Growing