Multiplatform agent for file integrity monitoring (FIM).
The main motivation for this project is to offer all the minimum features required for a reliable FIM that is independent of any other big monitoring platform.
IMPORTANT: This project is currently an ALPHA release. Not suitable for production environment, it is still a work in progress.
- Simple and centralized configuration file (
integrityguard.conf) - Generate logs of any changes in real-time for future auditing
- Push notifications to an API endpoint
- Send email alerts
- Supported hashing methods: "md5", "sha1", "sha224", "sha256", "sha384", "sha512"
- To install, run
pip install integrityguard - Edit/provide the configuration file (
integrityguard.conf)- To copy the original .conf file, run
integrityguard --task copy_config --destination <full_path> - To provide the new .conf file path use
--config <full_path>
- To copy the original .conf file, run
- Generate the reference hashes, run
integrityguard --task generate_hashes- To provide the target path via command, run
integrityguard --task generate_hashes --target <full_path>
- To provide the target path via command, run
- Start the monitoring, run
integrityguard --task monitor- To provide the target path via command, run
integrityguard --task monitor --target <full_path>
- To provide the target path via command, run
IMPORTANT: By providing configurations via command line anything defined via .conf file will be overwritten.
For more information, run integrityguard --help
This project is just at the begining of its development. We're currently looking for engaged and energized people to colaborate and make it awesome.