yum --enablerepo=epel -y install inotify-tools

# install from EPEL

inotifywait -e create,delete,modify,move -mrq /etc &

# try to create a file under the /etc

touch /etc/test.txt

# try to rename the file

mv /etc/test.txt /etc/test.conf

# try to remove the file

rm -f /etc/test.conf

vi /etc/rc.d/init.d/inotifywait

#!/bin/bash

# inotifywait:
#
# chkconfig:
# description:
#
# processname:

. /etc/rc.d/init.d/functions
. /etc/sysconfig/network

LOCK=/var/lock/subsys/inotifywait
LOGFILE=/var/log/inotify.log
MONITOR=/etc

RETVAL=0
start() {
   echo -n $"Starting inotifywait: "
   /usr/bin/inotifywait \
   --format '%w%f %e %T' \
   --timefmt '%Y/%m/%d-%H:%M:%S' \
   --exclude '.*\.sw[pox].*' \
   -e create,delete,modify,move \
   -o $LOGFILE \
   -dmrq $MONITOR

   RETVAL=$?
   echo
   [ $RETVAL -eq 0 ] && touch $LOCK
   return $RETVAL
}
stop() {
   echo -n $"Stopping inotifywait: "
   killproc inotifywait
   RETVAL=$?
   echo
   [ $RETVAL -eq 0 ] && rm -f $LOCK
   return $RETVAL
}
case "$1" in
   start)
      start
      ;;
   stop)
      stop
      ;;
   status)
      status inotifywait
      ;;
   restart)
      stop
      start
   ;;
*)
   echo $"Usage: $0 {start|stop|status|restart}"
   exit 1
esac
exit $?

chmod 755 /etc/rc.d/init.d/inotifywait

/etc/rc.d/init.d/inotifywait start

chkconfig --add inotifywait

chkconfig inotifywait on

# try to do some actions

touch /etc/test.txt

mv /etc/test.txt /etc/test.conf

vi /etc/test.conf

rm -f /etc/test.conf

# logs are taken like follows

cat /var/log/inotify.log