
go-audit

Free

About

go-audit is an alternative to the auditd daemon that ships with many distros. After having created an auditd audisp plugin to convert audit logs to json, I became interested in creating a replacement for the existing daemon.

Goals:
- Safe: Written in a modern language that is type safe and performant
- Fast: Never ever ever ever block if we can avoid it
- Outputs json: Yay
- Pluggable pipelines: Can write to syslog, local file, Graylog2, or stdout. Additional outputs are easily written.

Connects to the Linux kernel via netlink.

Usage:
- Installation: Install golang, version 1.14 or greater is required. Clone the repo, build the binary, and copy the binary go-audit to wherever you'd like.
- Testing: Run unit test suite, code coverage results, benchmark test suite, benchmark test suite with CPU profiling, and benchmark test suite with CPU profiling and GC collection.
- Running as a service: Check the contrib folder, it contains examples for how to run go-audit as a proper service on.

FEATURES

ALTERNATIVES

A guide to implementing Microsoft AppLocker for application whitelisting

Comprehensive cybersecurity platform for hybrid and multi-cloud environments

The official security guide for Red Hat Enterprise Linux 7, providing detailed information on securing the operating system.

A free, fast, and flexible multi-platform IOC and YARA scanner for Windows, Linux, and macOS.

Comprehensive business security suite with enhanced features to protect against malware, phishing, and advanced threats.

YARA-Endpoint is a client-server architecture tool that can be used for endpoint protection and incident response.

Sophos Intercept X Endpoint is a comprehensive endpoint security solution that provides unparalleled protection against advanced attacks, ransomware, and data loss.

Cloud-based virus scan APIs for securing files, URLs, and content uploads with advanced anti-virus and malware scanning capabilities.