fim
FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.
https://achiefs.com/
https://documentation.achiefs.com
It is a great question. We have based the development on a library called notify, kudos to https://github.com/notify-rs/notify. This library adds a layer of abstraction to each system. It implements kernel-specific hooks, as you mentioned. In some cases, like Audit extended data, we have developed an integration that detects changes in the Audit log file and processes the given information, which includes a lot of information about Linux systems. We have plans to include it in Windows as well.
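The reply describes an integration that tails the Audit log and processes the records it finds. The Rust program below is an added illustration of that kind of processing, written for this page; it is not FIM's own code and does not use the notify crate. It relies on the standard library only, and the audit lines it parses are constructed in auditd's record format (the rule key `fim-etc`, the serials, inodes and paths are made up). It groups SYSCALL and PATH records that share an audit serial into one event, so a monitor can attach the actor (uid, exe, comm, audit key) to the file that was touched, which is what a plain inotify-style event cannot tell you.

```rust
// Added illustration, not FIM's own code: correlate Linux auditd SYSCALL and
// PATH records into file-access events by their audit serial, the kind of
// processing a file-integrity monitor does when it tails audit.log.
// Standard library only; SAMPLE_LOG is constructed in auditd's record
// format, not captured from a real host.
use std::collections::BTreeMap;

#[derive(Debug, Default, Clone, PartialEq)]
pub struct AuditEvent {
    pub serial: u64,
    pub timestamp: String,
    pub syscall: String,
    pub uid: String,
    pub exe: String,
    pub comm: String,
    pub key: String,
    pub paths: Vec<String>,
}

/// Split one audit record into key=value pairs; surrounding quotes are
/// dropped. Limitation: a quoted value containing a space would be cut short.
fn parse_fields(line: &str) -> BTreeMap<String, String> {
    line.split_whitespace()
        .filter_map(|tok| tok.split_once('='))
        .map(|(k, v)| (k.to_string(), v.trim_matches('"').to_string()))
        .collect()
}

/// Pull (timestamp, serial) out of a value like `audit(1364481363.243:24287):`.
fn parse_msg(msg: &str) -> Option<(String, u64)> {
    let inner = msg.strip_prefix("audit(")?.split(')').next()?;
    let (ts, serial) = inner.split_once(':')?;
    Some((ts.to_string(), serial.parse().ok()?))
}

/// Group records by serial and merge SYSCALL and PATH data; other record
/// types (CWD, PROCTITLE, ...) are skipped. Events come back in serial order.
pub fn correlate(log: &str) -> Vec<AuditEvent> {
    let mut events: BTreeMap<u64, AuditEvent> = BTreeMap::new();
    for line in log.lines().map(str::trim).filter(|l| !l.is_empty()) {
        let f = parse_fields(line);
        let (rtype, msg) = match (f.get("type"), f.get("msg")) {
            (Some(t), Some(m)) => (t.as_str(), m.as_str()),
            _ => continue,
        };
        let (ts, serial) = match parse_msg(msg) {
            Some(v) => v,
            None => continue,
        };
        let ev = events.entry(serial).or_insert_with(|| AuditEvent {
            serial,
            timestamp: ts,
            ..Default::default()
        });
        let get = |k: &str| f.get(k).cloned().unwrap_or_default();
        match rtype {
            "SYSCALL" => {
                ev.syscall = get("syscall");
                ev.uid = get("uid");
                ev.exe = get("exe");
                ev.comm = get("comm");
                ev.key = get("key");
            }
            "PATH" => {
                if let Some(name) = f.get("name") {
                    ev.paths.push(name.clone());
                }
            }
            _ => {}
        }
    }
    events.into_values().collect()
}

/// Events whose PATH records name something under `prefix`: the point at
/// which a monitor would raise an alert carrying the actor details.
pub fn events_touching(log: &str, prefix: &str) -> Vec<AuditEvent> {
    correlate(log)
        .into_iter()
        .filter(|ev| ev.paths.iter().any(|p| p.starts_with(prefix)))
        .collect()
}

// Constructed sample: one denied read of sshd_config, one successful
// openat(2) of /etc/hosts with write intent (syscall 257 on x86_64).
pub const SAMPLE_LOG: &str = r#"
type=SYSCALL msg=audit(1364481363.243:24287): arch=c000003e syscall=2 success=no exit=-13 a0=7fffd19c5592 a1=0 a2=7fffd19c4b50 a3=a items=1 ppid=2686 pid=3538 auid=500 uid=500 gid=500 euid=500 tty=pts0 ses=1 comm="cat" exe="/bin/cat" key="sshd_config"
type=CWD msg=audit(1364481363.243:24287):  cwd="/home/analyst"
type=PATH msg=audit(1364481363.243:24287): item=0 name="/etc/ssh/sshd_config" inode=409248 dev=fd:00 mode=0100600 ouid=0 ogid=0 rdev=00:00
type=SYSCALL msg=audit(1364481400.105:24290): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=55d1c0 a2=241 a3=1b6 items=2 ppid=4101 pid=4120 auid=1000 uid=1000 gid=1000 euid=1000 tty=pts1 ses=2 comm="vim" exe="/usr/bin/vim" key="fim-etc"
type=PATH msg=audit(1364481400.105:24290): item=0 name="/etc/" inode=12 dev=fd:00 mode=040755 ouid=0 ogid=0 rdev=00:00 nametype=PARENT
type=PATH msg=audit(1364481400.105:24290): item=1 name="/etc/hosts" inode=4711 dev=fd:00 mode=0100644 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL
type=PROCTITLE msg=audit(1364481400.105:24290): proctitle=76696D002F6574632F686F737473
"#;

fn main() {
    for ev in events_touching(SAMPLE_LOG, "/etc/") {
        println!(
            "#{} t={} syscall={} uid={} exe={} key={} paths={:?}",
            ev.serial, ev.timestamp, ev.syscall, ev.uid, ev.exe, ev.key, ev.paths
        );
    }
}
```

Keying on the serial is what makes the correlation work: auditd emits the SYSCALL, CWD, PATH and PROCTITLE records of one event as separate lines, and only the `audit(timestamp:serial)` stamp ties them together. A tailing monitor has to buffer records until the event is complete (or an EOE record arrives) before it can report who changed which file.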