Edit on GitHub
Report issue
Page history

Kubernetes simple file integrity monitoring (FIM) container

Author(s): @ianmaddox ,   Published: 2019-03-21

Ian Maddox | Solutions Architect | Google

Contributed by Google employees.

This example provides a basic FIM Docker image with regularly scheduled scans.

This example is designed to be run on Google Container-Optimized OS, but should work with most other Docker servers.

basic-fim is an open source file integrity monitoring application that monitors for files that are new, altered, or deleted.

Basic usage

  1. Build your Docker image.
  2. Deploy that image to your Kubernetes cluster.
  3. Use Daemonsets to configure the new workload to run one scanner pod per node.
  4. Ensure that scan-required paths within other pods are mounted as named volumes so they will be included in the scan of the node.

For more information, see Installing antivirus and file integrity monitoring on Container-Optimized OS.

Submit a tutorial

Share step-by-step guides

Submit a tutorial

Request a tutorial

Ask for community help

Submit a request

View tutorials

Search Google Cloud tutorials

View tutorials

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see our Site Policies. Java is a registered trademark of Oracle and/or its affiliates.