FIM is a File Integrity Monitoring tool that tracks any event over your files. It is capable of keeping historical data of your files. It checks the filesystem changes in the background.
FIM is the fastest alternative to other software like Ossec, which performs file integrity monitoring. It could integrate with other security tools. The produced data can be ingested and analyzed with tools like ElasticSearch/OpenSearch. It has developed with Rust, a popular programming language.
Take a look at our Getting Started page to set up FIM.
To customize your installation take a look at our Configure File Integrity Monitor page.
Feel free to open an issue in this repository or send your feedback to our developers through [email protected] We will be glad to hear from you and your thoughts about the product.
We suggest reviewing the Development page where the required setup is described.
- File watcher. FIM will emit events on any produced action over your files. It will enhance your environment to the next level of security.
- Real-time alerting. FIM works in real-time. Any change in your files will trigger at the moment.
- Fast and reliable. With rust language at the heart of FIM code. It allows us to produce faster, safer and more reliable code.
- Ingester integrated. FIM supports native events sent to any current indexer like OpenSearch, ElasticSearch and Wazuh indexer. Enhance your experience.
- Identification of changes in content, attributes, ownership or permissions.
- Extended detected event data, using Audit Linux daemon. Retrieve who produces an event and which command produces it.
- Historical logs storage of detected events.
- File integrity checking. Automated file integrity hash production. FIM will analyze each file change.
- Compatible with Linux, macOS and Windows.
- Open Source software. Our software is developed as a completely free open-source model. It includes a TDD methodology to produce better software.