go-audit Logo

go-audit

0
Free
Visit Website

About go-audit is an alternative to the auditd daemon that ships with many distros. After having created an auditd audisp plugin to convert audit logs to json, I became interested in creating a replacement for the existing daemon. Goals: - Safe: Written in a modern language that is type safe and performant - Fast: Never ever ever ever block if we can avoid it - Outputs json: Yay - Pluggable pipelines: Can write to syslog, local file, Graylog2, or stdout. Additional outputs are easily written. Connects to the Linux kernel via netlink. Usage: - Installation: Install golang, version 1.14 or greater is required. Clone the repo, build the binary, and copy the binary go-audit to wherever you'd like. - Testing: Run unit test suite, code coverage results, benchmark test suite, benchmark test suite with CPU profiling, and benchmark test suite with CPU profiling and GC collection. - Running as a service: Check the contrib folder, it contains examples for how to run go-audit as a proper service on.

FEATURES

ALTERNATIVES

SharpAppLocker provides a C# adaptation of the Get-AppLockerPolicy cmdlet for managing application control policies.

Open-source platform for IT and security teams with flexibility in feature usage and support for various platforms.

Cisco Secure Endpoint is a cloud-native endpoint security solution that provides advanced protection and response to threats.

Advanced malware scanning and removal tool that detects and removes various types of malware and offers additional protection with HitmanPro.Alert.

Comprehensive endpoint protection solution providing advanced threat detection, proactive defense, and efficient management.

A guide to implementing Microsoft AppLocker for application whitelisting

Powerfully simple endpoint security solution that takes down threats without interrupting business.

SentinelOne's Singularity Platform is an AI-powered enterprise security platform providing autonomous endpoint, cloud, identity, and data protection through its integrated XDR solution.