FUSE-based Syslog Agent for File Access Log

Because log information provides critical clues for investigating illegal system access, it is very important for a system administrator to gather and analyze log data. On Linux systems, the syslog utility has been used to gather various kinds of log data. Unfortunately, a system administrator can rely only on the services that the syslog utility provides. To overcome this limitation, this paper proposes a syslog agent that allows the system administrator to gather log information for file access, which the syslog utility does not provide. The basic concept of the proposed syslog agent is that, after a FUSE file system is created, the access information for files under the directory on which FUSE has been mounted is stored in the log file via the syslog utility. To verify its functional validity, a FUSE file system was implemented on Linux (Ubuntu 14.04), and the log information for file accesses was collected and confirmed.
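
A minimal sketch of the concept described above, added here as an example and not the paper's implementation: a passthrough FUSE file system in Python that reports each directory listing, open, read and write through syslog. It assumes the third-party fusepy package for mounting; the class name `AuditFS`, the record format, and the `emit` and `context` parameters are hypothetical.

```python
import os, sys, syslog
try:  # fusepy is assumed installed; it is only needed to mount
    from fuse import FUSE, Operations, fuse_get_context
except (ImportError, OSError):  # handlers stay usable without libfuse
    FUSE, Operations, fuse_get_context = None, object, None
STAT_KEYS = ("st_mode", "st_nlink", "st_uid", "st_gid", "st_size",
             "st_atime", "st_mtime", "st_ctime")

class AuditFS(Operations):
    """Passthrough file system: mirrors root and reports each access."""
    def __init__(self, root, emit=None, context=fuse_get_context):
        self.root = os.path.realpath(root)
        # Default sink is syslog(3); emit and context are injectable.
        self.emit = emit or (lambda m: syslog.syslog(syslog.LOG_INFO, m))
        self.context = context  # returns (uid, gid, pid) of the caller
    def _real(self, path):
        return os.path.join(self.root, path.lstrip("/"))
    def _log(self, op, path, **extra):
        uid, _gid, pid = self.context()
        tail = "".join(f" {k}={v}" for k, v in extra.items())
        # repr() escapes newlines so a crafted file name cannot forge a record
        self.emit(f"op={op} path={path!r} uid={uid} pid={pid}{tail}")

    def getattr(self, path, fh=None):  # not logged: called on every lookup
        st = os.lstat(self._real(path))
        return {k: getattr(st, k) for k in STAT_KEYS}

    def readdir(self, path, fh):
        self._log("readdir", path)
        return [".", ".."] + os.listdir(self._real(path))

    def open(self, path, flags):
        self._log("open", path, flags=oct(flags))
        return os.open(self._real(path), flags)

    def read(self, path, size, offset, fh):
        self._log("read", path, size=size, offset=offset)
        return os.pread(fh, size, offset)

    def write(self, path, data, offset, fh):
        self._log("write", path, size=len(data), offset=offset)
        return os.pwrite(fh, data, offset)
    def release(self, path, fh):
        os.close(fh)
        return 0

if __name__ == "__main__":  # usage: audit_fs.py <source-dir> <mountpoint>
    syslog.openlog("fuse-audit", syslog.LOG_PID, syslog.LOG_AUTHPRIV)
    FUSE(AuditFS(sys.argv[1]), sys.argv[2], foreground=True, nothreads=True)
```

Records go to the authpriv facility under the ident `fuse-audit`, so the syslog daemon can route them to a dedicated file; only accesses made through the mount point are seen, not accesses made directly to the source directory.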
