7. Customize

samhain comes with default configuration files for several operating systems: samhainrc.linux, samhainrc.solaris, samhainrc.freebsd, samhainrc.aix5.2.0(and yulerc for the server). The installation routine will choose the one matching closest your system, or fall back to samhainrc.linux, if no good match could be found. However, all these configuration files are kept very general, and most probably you want to adjust settings like:

  • which files/directories should be checked

  • which logging facilities should be used

The default location of the configuration file is /etc/samhainrc(see Section 10 ). To customize, type:

        sh$ vi /etc/samhainrc

The default configuration file is heavily commented to help you. For a list of all runtime configuration directives, please have a look at Appendix C .

If you have any typos or other errors in your configuration file, samhain will log warning messages upon startup including the corresponding line number of the configuration file.