Kubernetes simple file integrity monitoring (FIM) container
Contributed by Google employees.
This example provides a basic FIM Docker image with regularly scheduled scans.
This example is designed to be run on Google Container-Optimized OS, but should work with most other Docker servers.
basic-fim is an open source file integrity monitoring application that monitors for files that are new, altered, or deleted.
- Build your Docker image.
- Deploy that image to your Kubernetes cluster.
- Use Daemonsets to configure the new workload to run one scanner pod per node.
- Ensure that scan-required paths within other pods are mounted as named volumes so they will be included in the scan of the node.
For more information, see Installing antivirus and file integrity monitoring on Container-Optimized OS.