Hey there, I am glad Cisco is supporting RHEL 7, but RHEL 8 has been released and the obvious question is:
Will Cisco AMP gets an Endpoint for this?
Also there were some rumors Cisco is working on an Ubuntu compatible version. As RHEL 8 is using Kernal 4.18, which is not compatible with the RHEL 7 AMP endpoint due to the usage of jprobes, which are not longer available in Kernel 4.15 (see also https://github.com/cisco/ampfsm) there is more work affordable I guess. So in the same way, a Ubuntu client looks like an option to me now.
Friendly hint -> Look at Sophos Talpa module (https://github.com/sophos/talpa). They found a way to monitor file access and its compatible with Kernel 5+, as far as I know.