Should I disable maldet monitoring or not ?

[mbautista]

Hello,
First thank you for maldet, it's a great tool :)
I just had a few questions about the maldet monitoring service.

We use maldet on our shared web servers that host hundreds of websites, and we set up a nightly scan which works well.
I've just discovered that there was a "monitoring service", if I understood it correctly, this service can listen to modified files and scan them on the fly using inotify.

Currently this service fails to start because inotify-tools is not installed on our servers. I was wondering whether I should fix this or not : if I install inotify-tools and setup the monitor path correctly, then the service would start, but I'm afraid it might consume lots of resources (because it's a shared server with hundreds of websites), I think the nightly scan is sufficient for now.

My questions are :

• Do you think it's a good practice to disable monitoring on shared servers ?
• If NO then : Will it consume a lot if I turn it on for all users paths ? Or maybe I could set only specific system path(s) ?
• If YES then : Can you please indicate a way to properly disable the service without having a "failed" error ?

Thank you for your help :)
Mathieu.

[WilliamDEdwards]

As inotify is a kernel subsystem, it is efficient. Shouldn't be a problem to use it.