Monitor and report or action file systems for specific files.
fscanary aims to be a replacement for some features of Microsoft’s File Server Resource Manager (FSRM), particularly in detecting creation of specific files and notifying the system admin of those files.
For example, it is likely to be desirable to have an alert when a user saves and executable file to the company file server.
- Download from the Releases page
fscanaryto your preferred binary location (eg,
- Copy the sample configuration file to the appropriate location:
The default location of the config file is OS-specific and is shown in the
fscanary -help. It can be overridden with the
-config command line
argument. For example:
fscanary -config /root/fscanary.conf
The configuration file is INI-style and has a global section for general configuration, then one or more sections to set up watches.
Example configuration file:
email = firstname.lastname@example.org smtp_server = smarthost smtp_from = email@example.com logging = 1 [executables] enabled = yes path = /home notify = yes quarantine = yes dest = /quarantined pattern = *.exe pattern = *.bat pattern = *.js pattern = *.bin pattern = *.cmd pattern = *.cpl pattern = *.dll pattern = *.lnk pattern = *.ps1 pattern = *.scr
Pull requests welcomed! Please keep the following points in mind:
- One feature change/bug fix per pull request.
- Multiple minor changes such as spelling may be in a single PR.
- Documentation must be updated with the PR where the change warrants documentation changes.
- Check the TODO.md file for specific tasks that are outstanding.
- Phillip Smith - fukawi2
This project is licensed under the MIT License - see the LICENSE.md file for details