File Integrity Monitor (FIM) in Python

A simple but effective command-line File Integrity Monitor (FIM) written in Python. This tool helps you detect changes in your filesystem by creating a baseline of file hashes and comparing it against the current state of the files.

Features

  • Baseline Creation: Creates a snapshot (baseline.json) of a directory's state, storing file paths and their corresponding SHA-256 hashes.
  • Integrity Checking: Compares the current state of the directory against the baseline and reports any changes.
  • Detects:
    • New files added.
    • Files that have been deleted.
    • Files that have been modified.
  • Configurable Exclusions: Easily exclude specific files and directories from being monitored via a config.ini file. Supports wildcard patterns.
  • Logging: All checks are logged to both the console and a persistent fim.log file with timestamps.

Requirements

  • Python 3.x
  • No external libraries are required.

How to Use

The script is run from the command line and has two main modes: init and check.

1. Initialize the Baseline (init)

First, you need to create a baseline for the directory you want to monitor. This command will scan the directory and save the file hashes to baseline.json.

python fim.py init /path/to/your/directory

Example:

python fim.py init "C:\Users\YourUser\Documents"

2. Check for Changes (check)

Once the baseline is created, you can run the check command to compare the current state of the directory against the baseline.

python fim.py check /path/to/your/directory

Example:

python fim.py check "C:\Users\YourUser\Documents"

The script will output any detected changes to the console and also append the results to fim.log.

Configuration

To exclude certain files or directories from being monitored, create a config.ini file in the same directory as the script.

The exclusion patterns support wildcards (e.g., *.log, temp*).

Example config.ini

[Exclusions]
# Exclude directories by name or pattern.
# This will exclude any directory named 'node_modules' or '.git',
# and any directory that starts with 'cache'.
exclude_dirs = node_modules, .git, cache*

# Exclude files by name or pattern.
# This will exclude all files ending in .log or .tmp.
exclude_files = *.log, *.tmp

Output

  • baseline.json: A JSON file containing the file paths and their SHA-256 hashes that serves as the integrity baseline. Do not edit this file manually.
  • fim.log: A log file that records the results of every integrity check, providing a historical record of changes.
  • Console Output: Immediate feedback on the status of the monitored directory.

Sample Report

When a check is run, a report similar to this will be generated in fim.log and printed to the console:

---------------------------------------
Integrity Check Report (2023-10-27 14:30:00.123456)
---------------------------------------
WARNING: New files detected (1):
  - new_document.txt
WARNING: Deleted files detected (1):
  - old_archive.zip
WARNING: Modified files detected (1):
  - important_notes.txt
---------------------------------------

If no changes are detected, it will report that "Everything is OK."

License

This project is licensed under the MIT License.