Join GitHub today
GitHub is home to over 36 million developers working together to host and review code, manage projects, and build software together.Sign up
Add file integrity metricset to Auditbeat audit module #4562
This metricset monitors files or directories for changes. When a file is changed it will calculate a MD5, SHA1, and SHA256 hash.
This metricset is not driven by the Linux Audit Framework (that is a future possibility). It uses inotify (linux), fsevents (macos), and ReadDirectoryChangesW (windows) to watch for changes.