Skip to content
/ fim Public

FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.

License

Notifications You must be signed in to change notification settings

Achiefs/fim

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

FIM

Join us on Slack GitHub Coverage Status Docs

FIM is a File Integrity Monitoring tool that tracks any event over your files. It is capable of keeping historical data of your files. It checks the filesystem changes in the background.

FIM is the fastest alternative to other software like Ossec, which performs file integrity monitoring. It could integrate with other security tools. The produced data can be ingested and analyzed with tools like ElasticSearch/OpenSearch. It has developed with Rust, a popular programming language.

Get started

Take a look at our Getting Started page to set up FIM.

Configuration

To customize your installation take a look at our Configure File Integrity Monitor page.

Contribute

Feedback

Feel free to open an issue in this repository or send your feedback to our developers through [email protected] We will be glad to hear from you and your thoughts about the product.

How to compile

We suggest reviewing the Development page where the required setup is described.

Features

  • File watcher. FIM will emit events on any produced action over your files. It will enhance your environment to the next level of security.
  • Real-time alerting. FIM works in real-time. Any change in your files will trigger at the moment.
  • Fast and reliable. With rust language at the heart of FIM code. It allows us to produce faster, safer and more reliable code.
  • Ingester integrated. FIM supports native events sent to any current indexer like OpenSearch, ElasticSearch and Wazuh indexer. Enhance your experience.
  • Identification of changes in content, attributes, ownership or permissions.
  • Extended detected event data, using Audit Linux daemon. Retrieve who produces an event and which command produces it.
  • Historical logs storage of detected events.
  • File integrity checking. Automated file integrity hash production. FIM will analyze each file change.
  • Compatible with Linux, macOS and Windows.
  • Open Source software. Our software is developed as a completely free open-source model. It includes a TDD methodology to produce better software.