File Integrity Check Script

Once on one server it was necessary to monitor the integrity of the file in which the changes were made, and if someone performed a system update, then this file could change and corrections had to be made again.
Usually I use a Zabbix agent and a Zabbix server for such purposes, but this server was single and it makes no sense to install a Zabbix server on it, so I wrote a simple script:

if md5sum -c /scripts/md5/filename.md5; then
    echo "OK"
   (echo "Subject:File changed"; echo "File /dir/filename.txt changed on $HOSTNAME!";) | sendmail
   md5sum /dir/filename.txt > /scripts/md5/filename.md5

Add to /etc/crontab (for example, to check every 2 hours):

1 */2 * * * root /scripts/md5/ >/dev/null 2>&1

As a result, if the file is changed, the script will send a notification to the specified email, and the new hash will be recorded in filename.md5, that is, the notification will be sent to the email only once after the file has been changed.

See also my articles:
Tracking file changes via Zabbix
Using and configuring CRON

Leave a comment

Leave a Reply