
weird1826/File-Integrity-Monitor-in-Python

File Integrity Monitor (FIM) in Python

A simple but effective command-line File Integrity Monitor (FIM) written in Python. This tool helps you detect changes in your filesystem by creating a baseline of file hashes and comparing it against the current state of the files.

Features

  • Baseline Creation: Creates a snapshot (baseline.json) of a directory's state, storing file paths and their corresponding SHA-256 hashes.
  • Integrity Checking: Compares the current state of the directory against the baseline and reports any changes.
  • Detects:
    • New files added.
    • Files that have been deleted.
    • Files that have been modified.
  • Configurable Exclusions: Easily exclude specific files and directories from being monitored via a config.ini file. Supports wildcard patterns.
  • Logging: All checks are logged to both the console and a persistent fim.log file with timestamps.

Requirements

  • Python 3.x
  • No external libraries are required.

How to Use

The script is run from the command line and has two main modes: init and check.

1. Initialize the Baseline (init)

First, you need to create a baseline for the directory you want to monitor. This command will scan the directory and save the file hashes to baseline.json.

python fim.py init /path/to/your/directory

Example:

python fim.py init "C:\Users\YourUser\Documents"

2. Check for Changes (check)

Once the baseline is created, you can run the check command to compare the current state of the directory against the baseline.

python fim.py check /path/to/your/directory

Example:

python fim.py check "C:\Users\YourUser\Documents"

The script will output any detected changes to the console and also append the results to fim.log.

Configuration

To exclude certain files or directories from being monitored, create a config.ini file in the same directory as the script.

The exclusion patterns support wildcards (e.g., *.log, temp*).

Example config.ini

[Exclusions]
# Exclude directories by name or pattern.
# This will exclude any directory named 'node_modules' or '.git',
# and any directory that starts with 'cache'.
exclude_dirs = node_modules, .git, cache*

# Exclude files by name or pattern.
# This will exclude all files ending in .log or .tmp.
exclude_files = *.log, *.tmp

Output

  • baseline.json: A JSON file containing the file paths and their SHA-256 hashes that serves as the integrity baseline. Do not edit this file manually.
  • fim.log: A log file that records the results of every integrity check, providing a historical record of changes.
  • Console Output: Immediate feedback on the status of the monitored directory.

Sample Report

When a check is run, a report similar to this will be generated in fim.log and printed to the console:

---------------------------------------
Integrity Check Report (2023-10-27 14:30:00.123456)
---------------------------------------
WARNING: New files detected (1):
  - new_document.txt
WARNING: Deleted files detected (1):
  - old_archive.zip
WARNING: Modified files detected (1):
  - important_notes.txt
---------------------------------------

If no changes are detected, it will report that "Everything is OK."
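The baseline, exclusion and comparison steps described above can be sketched as follows. This is an added example, not the code in fim.py: the function names are hypothetical, and matching exclusion patterns against file and directory base names with fnmatch is an assumption about how the wildcards behave.

```python
import configparser
import fnmatch
import hashlib
import os

# Sample input: the exclusion patterns from the example config.ini above.
SAMPLE_INI = "[Exclusions]\nexclude_dirs = node_modules, .git, cache*\nexclude_files = *.log, *.tmp\n"

def load_exclusions(ini_text):
    """Parse the [Exclusions] section into (dir_patterns, file_patterns)."""
    cfg = configparser.ConfigParser()
    cfg.read_string(ini_text)

    def patterns(key):
        raw = cfg.get("Exclusions", key, fallback="")
        return [p.strip() for p in raw.split(",") if p.strip()]

    return patterns("exclude_dirs"), patterns("exclude_files")

def sha256_file(path, chunk_size=65536):
    """Hash in chunks so large files are never read into memory at once."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()

def snapshot(root, exclude_dirs=(), exclude_files=()):
    """Map each monitored file's path (relative to root) to its SHA-256."""
    state = {}
    for dirpath, dirnames, filenames in os.walk(root):
        # Prune in place so os.walk never descends into excluded directories.
        dirnames[:] = [d for d in dirnames
                       if not any(fnmatch.fnmatch(d, p) for p in exclude_dirs)]
        for name in filenames:
            if any(fnmatch.fnmatch(name, p) for p in exclude_files):
                continue
            full = os.path.join(dirpath, name)
            state[os.path.relpath(full, root)] = sha256_file(full)
    return state

def compare(baseline, current):
    """Return sorted lists of (new, deleted, modified) relative paths."""
    new = sorted(current.keys() - baseline.keys())
    deleted = sorted(baseline.keys() - current.keys())
    modified = sorted(p for p in baseline.keys() & current.keys()
                      if baseline[p] != current[p])
    return new, deleted, modified
```

Because excluded paths never enter the snapshot, a change to a file matching `*.log` or inside `node_modules` is invisible to the check, so exclusion patterns should be kept as narrow as possible.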

License

This project is licensed under the MIT License.

About

This tool scans for integrity compromises for the specified directory using various libraries.
