diff --git a/roles/bastionhost/handlers/main.yml b/roles/bastionhost/handlers/main.yml
index 2b0f82b..98a37cc 100644
--- a/roles/bastionhost/handlers/main.yml
+++ b/roles/bastionhost/handlers/main.yml
@@ -11,4 +11,25 @@
 - name: restart rsyslog
 ansible.builtin.service:
 name: rsyslog
- state: restarted
\ No newline at end of file
+ state: restarted
+
+- name: Update_aide_database
+ block: # This block is now a task within the handler
+ - name: system setup | aide | run aide --update to check for legitimate changes
+ tags: aide,hardening,system
+ command: aide --update
+ register: aide_update_result
+ changed_when: "'new database written to' in aide_update_result.stdout"
+ async: 1800 # Allow up to 30 minutes for update
+ poll: 15
+
+ - name: system setup | aide | activate updated database
+ tags: aide,hardening,system
+ copy:
+ src: /var/lib/aide/aide.db.new
+ dest: /var/lib/aide/aide.db
+ remote_src: true
+ owner: root
+ group: root
+ mode: '0600'
+ when: aide_update_result.changed
\ No newline at end of file
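Review bot: The `command: aide --update` task has no `failed_when`, and AIDE's update mode exits with a non-zero bitmask (1–7) whenever it finds added, removed or changed files, so the handler will fail in exactly the case where a new database should be activated; add `failed_when: aide_update_result.rc > 7` so only real errors abort. Once that works, the second task promotes `aide.db.new` to `aide.db` with nobody having looked at the report, so any unauthorized change made since the last check is folded into the baseline. The task name says "check for legitimate changes", but nothing here checks legitimacy, so at minimum `aide_update_result.stdout` should be logged or shipped off-host for review before or alongside activation. Separately, ansible-core releases I know of reject a `block:` used as a handler, so these two tasks probably need to be separate handlers tied together with `listen:`; verify this against the version in use.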