When initializing its database, Tripwire builds a collection of file system objects based on the rules in the policy file. This database serves as the baseline for integrity checks.
To initialize the Tripwire database, use the following command:
/usr/sbin/tripwire --init |
This command can take several minutes to run.
Once you finish these steps successfully, Tripwire has the baseline snapshot of your file system necessary to check for changes in critical files. After initializing the Tripwire database, you should run an initial integrity check. This check should be done prior to connecting the computer to the network and putting it into production. For further instructions, see Section 19.5 Running an Integrity Check.
Once Tripwire is configured to your satisfaction, you are free to place the system into production.