go-audit Logo

go-audit

0
Free
Visit Website

About go-audit is an alternative to the auditd daemon that ships with many distros. After having created an auditd audisp plugin to convert audit logs to json, I became interested in creating a replacement for the existing daemon. Goals: - Safe: Written in a modern language that is type safe and performant - Fast: Never ever ever ever block if we can avoid it - Outputs json: Yay - Pluggable pipelines: Can write to syslog, local file, Graylog2, or stdout. Additional outputs are easily written. Connects to the Linux kernel via netlink. Usage: - Installation: Install golang, version 1.14 or greater is required. Clone the repo, build the binary, and copy the binary go-audit to wherever you'd like. - Testing: Run unit test suite, code coverage results, benchmark test suite, benchmark test suite with CPU profiling, and benchmark test suite with CPU profiling and GC collection. - Running as a service: Check the contrib folder, it contains examples for how to run go-audit as a proper service on.

FEATURES

ALTERNATIVES

FortiEDR is an automated endpoint security solution that integrates with the Fortinet Security Fabric and third-party solutions to reduce MTTR and provide real-time breach detection and response.

Heimdal Enterprise provides a unified cybersecurity platform with advanced network and endpoint security solutions, including threat hunting and privileged access management.

Android Loadable Kernel Modules for reversing and debugging on controlled systems/emulators.

Open-source platform for IT and security teams with flexibility in feature usage and support for various platforms.

Track postMessage usage with this Chrome Extension

Symantec Enterprise Cloud provides comprehensive cybersecurity for large enterprises, with a focus on data-centric hybrid security and innovation in threat and data protection.

Advanced Endpoint Protection is a complete endpoint protection platform that provides advanced threat protection against ransomware, data breaches, and malware.

A Python library for loading and executing Beacon Object Files (BOFs) in-memory.