source: branches/samhain_3_1/test/testrc_2.in@ 497

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
NotDashEscaped: You need GnuPG to verify this message

#####################################################################
#
# Configuration file template for samhain.
#
#####################################################################
# 
# -- empty lines and lines starting with '#' are ignored 
# -- you can PGP clearsign this file -- samhain will check (if compiled
#    with support) or otherwise ignore the signature
# -- CHECK mail address
#
# To each log facility, you can assign a threshold severity. Only
# reports with at least the threshold severity will be logged
# to the respective facility (even further below).
#
#####################################################################
#
# SETUP for file system checking:
# 
# (i)   There are several policies, each has its own section. Put files
#       into the section for the appropriate policy (see below).
# (ii)  To each policy, you can assign a severity (further below).
# (iii) To each log facility, you can assign a threshold severity. Only
#       reports with at least the threshold severity will be logged
#       to the respective facility (even further below).
#
#####################################################################


[ReadOnly]
#
# for these files, only access time is ignored
#
# dir=/usr/bin
# dir=/bin

file = /var
file = /bin
file = /usr
file = /tmp
file = /etc

# hopefully does not exist
file=/etc/toodleedoo

dir=1/usr

[EventSeverity]
#
# Here you can assign severities to policy violations.
# If this severity exceeds the treshold of a log facility (see below),
# a policy violation will be logged to that facility.
#
# Severity for verification failures.
#
SeverityReadOnly=crit
SeverityLogFiles=crit
SeverityGrowingLogs=crit
SeverityIgnoreNone=crit
SeverityAttributes=crit
#
# We have a file in IgnoreAll that might or might not be present.
# Setting the severity to 'info' prevents messages about deleted/new file.
#
SeverityIgnoreAll=info

#
# Files : file access problems
# Dirs  : directory access problems
# Names : suspect (non-printable) characters in a pathname
#
SeverityFiles=crit
SeverityDirs=crit
SeverityNames=warn

[Log]
#
# Set threshold severity for log facilities
# Values: debug, info, notice, warn, mark, err, crit, alert, none.
# 'mark' is used for timestamps.
#
# By default, everything equal to and above the threshold is logged.
# The specifiers '*', '!', and '=' are interpreted as  
# 'all', 'all but', and 'only', respectively (like syslogd(8) does, 
# at least on Linux). 
# 
# MailSeverity=*
# MailSeverity=!warn
# MailSeverity==crit
#
MailSeverity=none
PrintSeverity=info
#PRINTClass = "RUN FIL STAMP"
LogSeverity=none
SyslogSeverity=none
ExportSeverity=none
DatabaseSeverity=none

#databaseseverity=info

[Database]
# setdbname=samhain
# setdbtable=log
setdbuser=samhain
setdbpassword=samhain
#AddToDBHash=log_msg
# AddToDBHash=log_host
UsePersistent = True

[Utmp]
#
# 0 to switch off, 1 to activate
#
LoginCheckActive=1

# Severity for logins, multiple logins, logouts
# 
SeverityLogin=info
SeverityLoginMulti=warn
SeverityLogout=info

# interval for login/logout checks
#
LoginCheckInterval=60

[Misc]
#
# whether to become a daemon process
Daemon=no

SetOutgoingIP = 127.0.0.1
SetServerInterface = 127.0.0.1

UseSeparateLogs=no

SetUseSocket = yes
SetSocketAllowUid=0
SetSocketPassword=samhain

SetClientFromAccept = yes

SetUdpActive=no

# the maximum time between client messages (seconds)
# (this is a log server-only option; the default is 86400 sec = 1 day
#
# SetClientTimeLimit=1800

UseClientSeverity = yes
UseClientClass    = yes

# Format for message headers
#
# MessageHeader="%S %T %F %L  "

# priority for peer != address as notified by client
# (lookup may fail on firewalled client)
#
# SeverityLookup = warn

# time till next file check (seconds)
SetFilecheckTime=600

# Only highest-level (alert) reports will be mailed immediately,
# others will be queued. Here you can define, when the queue will
# be flushed (Note: the queue is automatically flushed after
# completing a file check).
#
# maximum time till next mail (seconds)
SetMailTime=86400

# maximum number of queued mails
SetMailNum=10

# where to send mail to
SetMailAddress=root@localhost

# mail relay host
# SetMailRelay=relay.yourdomain.de

# The binary. Setting the path will allow
# samhain to check for modifications between
# startup and exit.
#
# SamhainPath=/usr/local/bin/samhain

# where to get time from
# SetTimeServer=www.yourdomain.de

# where to export logs to
SetLogServer=localhost

# timer for time stamps
SetLoopTime=10

# trusted users (root and the effective user are always trusted)
# TrustedUser=bin

# whether to test signature of files (init/check/none)
# - if 'none', then we have to decide this on the command line -
#
ChecksumTest=check


[Clients]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iEYEARECAAYFAlUTGCcACgkQGq0myA9XH2zINACfQb/Wfa19OBbHVkw9uBNMB+lF
cwUAnR0Geb+sFDcv7JsrrTjY8htjPHd2
=7wXO
-----END PGP SIGNATURE-----