Real time syschekd on FreeBSD/Mac OS X (kevent())
33 views
Skip to first unread message
Danny Fullerton
Sep 23, 2011, 9:50:37 AM9/23/11
to osse...@googlegroups.com
Hello,
Is implementing real time monitoring using kevent() on FreeBSD (and MAC
os X) in the pipeline? Otherwise is someone already working on this? If
not, I'll try to get this done on a rainy day.
Any info, advise would be greatly appreciated.
-Linux's inotify():
http://www.ibm.com/developerworks/linux/library/l-ubuntu-inotify/
-FreeBSD's kevent(): http://benno.id.au/blog/2008/05/15/simplefilemon
-OSSEC file to adapt:
https://bitbucket.org/dcid/ossec-hids/src/326e8d3d1d72/src/syscheckd/run_realtime.c
regards,
--
Danny Fullerton, CISSP GCIH GHTQ
Founder
Mantor Organization
B5E4 ADB4 AD81 A69A E5DB A475 91C9 E6AF 1948 8708
dan (ddp)
Sep 23, 2011, 10:37:37 AM9/23/11
to osse...@googlegroups.com
It's been talked about, but I don't think any work is actually being done.
Daniel Cid
Sep 23, 2011, 3:27:29 PM9/23/11
to osse...@googlegroups.com
A patch would be very welcome :)
Thanks,
Reply all
Reply to author
Forward
0 new messages