Host monitoring is a delicate matter, and the toolset available and the necessary level of expertise don't make the exercise particularly easy. In fact, most of the tools from this chapter require either extensive configuration, or in some instances, rebuilding from sources with a quite complex set of options. A prominent example of such a tool is Samhain, the file integrity checker that needs to be tailored to your platform.
If on top of basic usage you add the complexity associated with managing numerous hosts in a distributed environment, you are in for the long haul. Fortunately, there are administration interfaces out there that should ease your life as a security administrator and particularly with regards to the log-burying syndrome. All in all, I hope this chapter proves worth reading and provides a good starting point for monitoring your servers.
—Eric Moret