https://github.com/razikus/linux-access-audit
- Host: GitHub
- URL: https://github.com/razikus/linux-access-audit
- Owner: Razikus
- Created: 2023-07-24T11:03:25.000Z (about 2 years ago)
- Default Branch: master
- Last Pushed: 2023-07-31T09:00:20.000Z (about 2 years ago)
- Last Synced: 2025-10-03T02:00:55.934Z (11 days ago)
- Language: Shell
- Size: 12.7 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# AccessAudit
## Video
Check the instruction video [here](https://www.youtube.com/watch?v=TwhQU6Aj2pI).
## Introduction
Imagine you have a garage with a 1 million dollar car inside. You gave a key to someone who will clean your car daily. Without any camera or access control, will you sleep well at night?
AccessAudit is exactly this: it logs every access request into the immutable cloud database [immudb Vault](https://vault.immudb.io), which is designed to provide tamper-proof storage.
## Features
The script will:
1. Ensure it's running on a Linux system.
2. Verify that the user has the necessary sudo privileges.
3. Get an immudb Vault Write API Key from the user.
4. Test the provided API key.
5. Check for the presence of the `curl` tool.
6. Create necessary configurations and scripts to forward access logs to the Vault.
## Prerequisites
1. Ensure the script is executed on a system running Linux.
2. The script must be executed by a user with sudo privileges.
3. You need to have `curl`, `sudo`, `rsyslog` and `systemctl` installed.
4. Access to immudb Vault with a valid Write API Key. (You can obtain it [here](https://vault.immudb.io/).)
## Usage
1. Download the bash script or clone the repository containing the script.
2. Make the script executable: `chmod +x .sh`
3. Run the script: `./.sh`

Upon running, you'll be greeted with a welcome message outlining the steps the installer will take. It will also remind the user that AccessAudit will use the default collection and ledger.
To proceed with the installation, you will need to:
- Confirm your intention to continue.
- Provide your immudb Vault Write API Key when prompted.

The script will then check the validity of the provided API key, set up configurations, and restart the rsyslog service.
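
A read-only preflight for the prerequisites listed above, added here as an example and not taken from the AccessAudit installer: it reports what is missing without changing any configuration. The function names are hypothetical, the `rsyslogd` binary name and the `/usr/sbin` search path are assumptions, and the two error strings are the ones this README quotes under Troubleshooting.

```shell
#!/bin/sh
# Added example, not the project's installer. Read-only: nothing is modified.
# Function names are hypothetical; the two error strings are quoted from the README.

# check_os [KERNEL]: succeed only on Linux (KERNEL defaults to `uname -s`).
check_os() {
    kernel="${1:-$(uname -s)}"
    if [ "$kernel" != "Linux" ]; then
        echo "Systems other than linux are not supported" >&2
        return 1
    fi
}

# missing_tools TOOL...: print the tools not found on PATH, space-separated.
missing_tools() {
    missing=""
    for tool in "$@"; do
        command -v "$tool" >/dev/null 2>&1 || missing="${missing:+$missing }$tool"
    done
    printf '%s' "$missing"
}

# check_sudo_uid UID: succeed only if the uid observed under sudo is 0.
check_sudo_uid() {
    if [ "$1" != "0" ]; then
        echo "sudo did not set us to uid 0" >&2
        return 1
    fi
}

# preflight: run every check and report all failures, not just the first.
preflight() {
    rc=0
    check_os || rc=1
    # Assumption: the rsyslog daemon binary is rsyslogd and may live in /usr/sbin.
    need="$(PATH="$PATH:/usr/sbin:/sbin" missing_tools curl sudo rsyslogd systemctl)"
    if [ -n "$need" ]; then
        echo "missing tools: $need" >&2
        rc=1
    fi
    # `sudo id -u` may prompt for a password; it changes nothing on the system.
    if command -v sudo >/dev/null 2>&1; then
        check_sudo_uid "$(sudo id -u)" || rc=1
    fi
    return "$rc"
}

# Run the checks only when asked, so the file can also be sourced.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Saved under a name of your choosing and invoked with `--run`, it exits non-zero if any prerequisite is unmet.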
## Notes
- Ensure you have a proper backup or snapshot of your configurations before executing scripts that modify system configurations.
- Always review scripts and READMEs before executing them, especially when they require root or sudo privileges.
## Troubleshooting
1. If you encounter a message stating `Systems other than linux are not supported`, ensure you are running the script on a Linux system.
2. If the script says `sudo did not set us to uid 0`, ensure you're running the script as a user with sudo privileges.
3. In case the script aborts due to a failed API key check, verify the key you provided and try again.
4. If `curl` is not available, install it and then rerun the script.
## Contributions
Contributions are welcome! Please check with the project owner or the repository's contribution guidelines before making any changes.
## Support
For any issues, questions, or feedback, please refer to the project's issue tracker or contact the project maintainers.