Skip to content
/ LIFL Public

Old monitoring tool for the american nato defence unit. Never used.

License

GPL-2.0 license
1 star 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

binaryf/LIFL

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits

CONTRIBUTING.md

CONTRIBUTING.md

 
 

LICENSE

LICENSE

 
 

MANUAL

MANUAL

 
 

README.md

README.md

 
 

compile.sh

compile.sh

 
 

const.h

const.h

 
 

data_dump.sql

data_dump.sql

 
 

errors.sql

errors.sql

 
 

lifl.c

lifl.c

 
 

lifl.conf

lifl.conf

 
 

lifl.h

lifl.h

 
 

operations.sql

operations.sql

 
 

Repository files navigation

fr-LIFL

Description

LIFL. Linux Filesystem Logger. Version 0.1 beta.
A filesystem activities monitor. Storing data to MySQL database.

This software is similar to loggedfs, work from Rémi Flament and Victor Itkin,
but rewritten in C mainly with the purpose of storing data directly to database.

THIS IS A BETA VERSION, AND NEED TESTING.

Usage

The program remount a directory-path as a virtual filesystem.
Any filesystem operations inside this directory, is logged in detail.
The data can easily be arranged and analyzed by making spesific sql queries.

Program is configurable and features can be enabled or disabled.

Additional to the previous version of the project, known as loggedfs, this is added:

  • Remote logging. (SQL).
  • Log data analyzing becomes easier with SQL.
  • Logging of user's tty, login time and remote host address.
  • A seperated cmd and arguments list.
  • Parent process pid also with the parent cmd.
  • Error messages are now stored as human readable strings.
  • Simple 'on' and 'off' switches to increase performance.
  • An experimental write data dump feature is implented.
    Controlled with options to limit the output to the effective userid,
    write size or a specified command you might want to target.

The database formatted output can be of interest for further development.
My intention is to use a sql client front-end, like MySQLWorkbench.

Project goal

  • Transparency.
  • Usability.
  • Stability.

Compiling

You will need:

  • libmysqlclient-dev
  • libfuse-dev

Depending on your linux you need to set the flags

-D_FILE_OFFSET_BITS=64
-D_FILE_OFFSET_BITS=32

And eventually you might want to add

-DHAVE_UTIMENSAT
-DHAVE_POSIX_FALLOCATE
-DHAVE_SETXATTR

If you want to start lifl as your user, add read permission to /etc/fuse.conf, or add your user to fuse group.

To allow non-root users to use the allow_other mount option, you must add 'user_allow_other' in /etc/fuse.conf.

Database

  • create database
  • create database user
  • create tables from sql scripts.
operations.sql
errors.sql
data_dump.sql

When you have created the database, the database user and the tables, you will need a SELECT and INSERT permission for the program.

(DO NOT GIVE THE PROGRAM DATABASE USER ANY MORE PRIVLIGES).

Configuration

  • Defualt filename is 'lifl.conf'
  • (See "MANUAL")

Using

You have two options available:

-c --config
-t --test

Whithout any arguments program will start, daemonize, and load the configuration from default file.

Example:

./lifl
./lifl --config lifl.config
./lifl --config lifl.config --test

Notices

  • Remember to unmount the virtual directory after use.

  • The write data dump is ment to be an extra (experimental) feature.
    Many calls to pwrite are of block sizes (4096).
    You might log unwanted junk if you dont narrow it down with configuration options.

Needs

  • Testing.
  • Minor bug fixes.

Future features

  • Manpage.
  • Makefile.
  • Thread-safe.
  • Bandwith optimalization.
  • Filelist to target locations.

About

Old monitoring tool for the american nato defence unit. Never used.

Resources

Readme

License

GPL-2.0 license
Activity

Stars

1 star

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages