secguard
secguard is a small suite for monitoring file-system changes on Linux systems. It uses inotify from the Linux kernel for this job.
The suite
The suite currently consists of two tools and one shell script. These tools can be combined for maximum flexibility. Each tool does only its own job, nothing more.
- secguard
  - Monitors file-system changes in the directories and files given on the command line. For every change it prints the path and the type of modification.
- msgcollect
  - As the name suggests, it collects messages (by default from stdin). There are two ways of collecting: one is to collect for a given time, the other is to collect up to a maximum number of lines.
- mail-wrapper.sh
  - A little wrapper which combines secguard and msgcollect to collect messages and send them to you by email.
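How a monitor of this kind can turn inotify events into "path: type of modification" lines, as an added example that is not secguard's own source. The function names, the watch mask and the output format are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <sys/inotify.h>
#include <unistd.h>

#define WATCH_MASK (IN_CREATE | IN_DELETE | IN_MODIFY | IN_ATTRIB | IN_MOVE)
/* Label the type of modification carried in an inotify event mask. */
const char *event_type(uint32_t mask)
{
    if (mask & IN_CREATE) return "create";
    if (mask & IN_DELETE) return "delete";
    if (mask & IN_MODIFY) return "modify";
    if (mask & IN_ATTRIB) return "attrib";
    if (mask & IN_MOVE)   return "move";
    return "other";
}

/* Print one line per event in buf; wds[i] is the watch descriptor of paths[i]. */
int report_events(const char *buf, ssize_t len, const int *wds,
                  char *const *paths, int n, FILE *out)
{
    struct inotify_event ev;
    int count = 0;
    for (const char *p = buf; buf + len - p >= (ssize_t)sizeof ev; count++) {
        memcpy(&ev, p, sizeof ev);        /* fixed header; the name follows */
        const char *dir = "?";
        for (int i = 0; i < n; i++)
            if (wds[i] == ev.wd) dir = paths[i];
        if (ev.mask & IN_Q_OVERFLOW)      /* kernel queue filled up */
            fprintf(out, "WARNING: event queue overflow, changes were missed\n");
        else
            fprintf(out, "%s/%s: %s\n", dir, ev.len ? p + sizeof ev : "",
                    event_type(ev.mask));
        p += sizeof ev + ev.len;
    }
    fflush(out);                          /* matters when out is a pipe */
    return count;                         /* number of events handled */
}

int main(int argc, char **argv)
{
    char buf[4096];
    int wds[argc], fd = inotify_init();
    for (int i = 1; i < argc; i++)
        if ((wds[i] = inotify_add_watch(fd, argv[i], WATCH_MASK)) < 0)
            perror(argv[i]);
    for (ssize_t len; (len = read(fd, buf, sizeof buf)) > 0; )
        report_events(buf, len, wds + 1, argv + 1, argc - 1, stdout);
    return 1;
}
```

An inotify watch on a directory reports changes to its direct entries only, so subdirectories need their own watches.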
Syntax
$ ./mail-wrapper.sh <path to monitor>+
$ ./secguard <path to monitor>+
$ ./msgcollect [-t timeout] [-l lines] [-f input_file]
Requirement
- >=linux-kernel-2.6.13
  - The Linux kernel
- inotify enabled in the configuration
  - So secguard will work
Compile and Install
$ make
Yes, that's all you need to do. There's currently no install routine, but feel free to contribute one :-).
Download
- secguard-0.9.2.tar.bz2
  - Added install routines.
- secguard-0.9.1.tar.bz2
  - Fixed some bugs in msgcollect. Added documentation.
- secguard-0.9.0.tar.bz2
  - secguard.c completely rewritten.
- secguard-0.8.5.tar.bz2
  - The secguard suite.
GIT
There's another way to get secguard: use git. Thanks to Nico Schottelius for letting me host a git repo on his machine. Nico has a gitweb application for browsing the secguard repo online.
For a checkout you need to have cogito installed.
$ git clone http://linux.schottelius.org/git/secguard