#file-access #monitoring #file-path #log-file #logging #modification

app distillate

A monitoring tool to watch for file access and log on modification

1 unstable release

0.1.0 Mar 1, 2024

#814 in Filesystem

MIT license

11KB
176 lines

Distillate

Distillate watches filesystem resources and notifies on changes to selected resources. The typical use case is detecting tampering with critical system files.

Usage

distillate run --options-path=distillate.config

Example configuration

{
    "fuzzy_paths": true,
    "watch_paths": [{
        "path": "/etc",
        "recursive": true,
        "alert_on": [
            {
                "event_type": "create",
                "path": "/etc/hosts"
            }
        ]
    }],
    "sink": {
        "log_path": "monitoring.log"
    }
}

Example monitoring output

[2024-03-01T11:17:00.053856 00:00]"create" event detected on path "/private/etc/1"
[2024-03-01T11:17:01.271469 00:00]"create" event detected on path "/private/etc/1"
[2024-03-01T11:17:01.271617 00:00]"remove" event detected on path "/private/etc/1"
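To triage the log downstream, the lines can be parsed back into fields and filtered by event type and directory. This is an added example, not part of distillate: it assumes only the line format shown in the sample output above, and `Event`, `parse_line`, `is_alert` and `count_alerts` are hypothetical names.

```rust
// Added example (not distillate's own code). Assumes the log line format
// shown in the sample output: [<timestamp>]"<kind>" event detected on path "<path>"
#[derive(Debug, PartialEq)]
struct Event {
    timestamp: String,
    kind: String,
    path: String,
}

/// Parse one log line. Returns None for anything that does not match the
/// expected shape, so truncated or malformed lines are skipped, not misread.
fn parse_line(line: &str) -> Option<Event> {
    let rest = line.trim().strip_prefix('[')?;
    let (timestamp, rest) = rest.split_once(']')?;
    let (kind, rest) = rest.strip_prefix('"')?.split_once('"')?;
    let rest = rest.strip_prefix(" event detected on path \"")?;
    // Take everything up to the final quote so a quote inside the path survives.
    let path = rest.strip_suffix('"')?;
    Some(Event { timestamp: timestamp.into(), kind: kind.into(), path: path.into() })
}

/// True when the event kind is listed and the path is `dir` itself or below it.
/// `dir` is given without a trailing slash. Matching is done on a path-component
/// boundary, so "/private/etc" does not match "/private/etcetera/x".
fn is_alert(ev: &Event, kinds: &[&str], dir: &str) -> bool {
    let under = ev.path == dir
        || ev.path.strip_prefix(dir).map_or(false, |r| r.starts_with('/'));
    kinds.contains(&ev.kind.as_str()) && under
}

/// Count the alerting events in a whole log.
fn count_alerts(log: &str, kinds: &[&str], dir: &str) -> usize {
    log.lines().filter_map(parse_line).filter(|e| is_alert(e, kinds, dir)).count()
}

// Constructed sample: two lines from the output above plus one malformed line.
const SAMPLE: &str = r#"[2024-03-01T11:17:00.053856 00:00]"create" event detected on path "/private/etc/1"
[2024-03-01T11:17:01.271617 00:00]"remove" event detected on path "/private/etc/1"
truncated line without the expected fields"#;

fn main() {
    for ev in SAMPLE.lines().filter_map(parse_line) {
        if is_alert(&ev, &["remove"], "/private/etc") {
            println!("ALERT {} {} {}", ev.timestamp, ev.kind, ev.path);
        }
    }
    println!("{} alert(s)", count_alerts(SAMPLE, &["create", "remove"], "/private/etc"));
}
```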

Dependencies

~6–15MB
~180K SLoC