Provided by: aide_0.19.1-2_amd64 
NAME
aide - Advanced Intrusion Detection Environment
SYNOPSIS
aide [parameters] command
DESCRIPTION
AIDE is an intrusion detection system for checking the integrity of files.
COMMANDS
--check, -C
Checks the database for inconsistencies. You must have an initialized database to do this. This is
also the default command. Without any command aide does a check.
--init, -i
Initialize the database. You must initialize a database and move it to the appropriate place (see
database_in config option) before you can use the --check command.
--dry-init, -n (added in AIDE v0.17)
Traverse the file system, match each file against the rule tree and report to stdout.
Neither reports nor the database are written in this mode.
To change the log level in this mode please use the --log-level command line parameter.
In this mode aide exits with status 0.
--update, -u
Checks the database and updates the database non-interactively. The input and output databases
must be different.
--compare, -E
Compares two databases. They must be defined in config file with database=<url> and
database_new=<url>.
--list (added in AIDE v0.19)
List the entries of the database in human readable format (analogous to the detailed report output
of new files). Note that the checksums are base16 encoded.
--config-check, -D
Stops after reading in the configuration file. Any errors will be reported. To change the log
level in this mode please use the --log-level command line parameter.
--path-check=file_type[=file_system_type]:path, -p file_type[=file_system_type]:path (added in AIDE
v0.17)
Read configuration and match provided file_type, optionally file system type (added in AIDE v0.19,
Linux only) and path against rule tree.
The path is independent of what is in the actual file system and needs to be absolute. See
RESTRICTED RULES section in aide.conf (5) for supported file types and file system types.
Please note that the specified file system type is only applied to the file and not to the parent
directories of the path. If a restricted rule cannot be matched against a parent directory due to
the missing file system type aide raises a warning.
To change the log level in this mode please use the --log-level command line parameter.
In this mode aide exits with status 0 if the file would be added to the tree, 1 if not and 2 if
the file does not match the specified limit.
PARAMETERS
--config=configfile , -c configfile
Configuration is read from file configfile (see --version output for default value). Use '-' for
stdin.
--limit=REGEX , -l REGEX (added in AIDE v0.16)
Limit command to entries matching REGEX. Note that the REGEX only matches at the first position.
Example
Only check and update the database entries matching /etc (i.e. the /etc directory) while
leaving all other entries unchecked and unchanged:
aide --update --limit /etc
--before="configparameters" , -B "configparameters"
These configparameters are handled before the reading of the configuration file. See aide.conf (5)
for more details on what to put here.
--after="configparameters" , -A "configparameters"
These configparameters are handled after the reading of the configuration file. See aide.conf (5)
for more details on what to put here.
--log-level=log_level,-Llog_level (added in AIDE v0.17)
The log level to use (see aide.conf (5) for available log levels and more details). This
overwrites the log_level value set in any configuration file.
--verbose=verbosity_level,-Vverbosity_level (REMOVED in AIDE v0.17)
Removed, use log_level and report_level config options instead (see aide.conf (5) for details).
--report=reporter,-r reporter (REMOVED in AIDE v0.17)
Removed, use report_url config option instead (see aide.conf (5) for details).
--workers=WORKERS , -W WORKERS (added in AIDE v0.18)
Specifies the number of workers (see aide.conf (5) for details). This overwrites the num_workers
value set in any configuration file.
--no-progress (added in AIDE v0.19)
Turn progress off explicitly. By default progress is shown if standard error is connected to a
terminal.
--no-color (added in AIDE v0.19)
Turn colored log output off explicitly. By default colored log output is enabled if standard error
is connected to a terminal.
--version,-v
Print version information and exit.
--help,-h
Prints out the standard help message.
EXIT STATUS
Normally, the exit status is 0 if no errors occurred. Except when the --check, --compare or --update
command was requested, in which case the exit status is defined as:
1 * (new files reported?) +
2 * (removed files reported?) +
4 * (changed files reported?)
Since those three cases can occur together, the respective error codes are added. For example, if there
are new files and removed files reported, the exit status will be 1 + 2 = 3.
Additionally, the following exit codes are defined for generic error conditions:
14 Writing error
15 Invalid argument error
16 Unimplemented function error
17 Configuration error
18 IO error
19 Version mismatch error
20 EXEC error
21 File lock error
22 Memory allocation error
23 Thread error
24 Database error
25 received SIGINT, SIGTERM or SIGHUP
SIGNAL HANDLING
SIGINT, SIGTERM, SIGHUP
Remove an incompletely written database (only if database file was created by aide) and exit (code
25).
SIGUSR1
Toggle the log_level between current and debug level.
SIGUSR1 is only handled after config parsing.
SIGWINCH
Resize the progress bar (if enabled).
NOTES
The checksums in the database and in the output are by default base64 encoded (see also report_base16
option). To decode them you can use the following shell command:
echo <encoded_checksum> | base64 -d | hexdump -v -e '32/1 "%02x" "\n"'
FILES
See --version output for the default config file and the default database_in and database_out config
values.
SEE ALSO
aide.conf(5)
BUGS
There are probably bugs in this release. Please report them at https://github.com/aide/aide/issues .
DISCLAIMER
All trademarks are the property of their respective owners. No animals were harmed while making this
webpage or this piece of software. Although some pizza delivery guy's feelings were hurt.
aide v0.19.1 2025-07-06 AIDE(1)