File Watchtower Documentation

Getting Started with File Watchtower

File Watchtower is a lightweight file integrity monitoring tool designed to help you detect and respond to unauthorized file system changes.

Prerequisites

  • Python 3
  • Write access to the installation directory
  • Email server (for notifications)

Installation

  1. Clone or download the project files:
     git clone https://github.com/your-username/file-watchtower.git
  2. Place the project files in a writable directory, outside the directories being watched:
     mv file-watchtower /opt/
     cd /opt/file-watchtower
  3. Configure your settings in settings.py
  4. Create your watch list in watch_list.txt

Configuration

Watch List Format

The watch list file (watch_list.txt) supports two formats:

  1. Single File Monitoring:
     /var/www/html/config.php
  2. Directory Monitoring:
     /path/to/directory, include_subdirs, excluded_extensions, max_file_size

Example:

/var/www/html/wordpress/wp-content/themes, true, .css|.woff|.ttf, 1048576
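
An added example, not part of File Watchtower's own code: a small linter for watch_list.txt that parses both line formats above and flags directory entries that cover the install directory (which the installation steps say to keep outside the watched directories) or that exclude script extensions from monitoring. The function names, the SCRIPT_EXTS policy, the acceptance of "false" for include_subdirs, and the sample entries are assumptions made for this example.

```python
from pathlib import PurePosixPath

# Assumed policy for this example: extensions that should not be excluded.
SCRIPT_EXTS = {".php", ".py", ".sh", ".js"}

def parse_line(line):
    """Parse one watch_list.txt line; raise ValueError if it fits neither format."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) == 1:
        return {"kind": "file", "path": parts[0]}
    if len(parts) != 4:
        raise ValueError(f"expected 1 or 4 fields, got {len(parts)}")
    path, subdirs, exts, size = parts
    if subdirs.lower() not in ("true", "false"):  # "false" is assumed valid
        raise ValueError("include_subdirs must be true or false")
    if not size.isdecimal():
        raise ValueError("max_file_size must be a non-negative integer")
    return {"kind": "dir", "path": path, "include_subdirs": subdirs.lower() == "true",
            "excluded_extensions": {e.lower() for e in exts.split("|") if e},
            "max_file_size": int(size)}

def lint(text, install_dir="/opt/file-watchtower"):
    """Return (line_number, message) findings for a watch list."""
    findings, install = [], PurePosixPath(install_dir)
    for n, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        try:
            entry = parse_line(raw)
        except ValueError as err:
            findings.append((n, f"syntax: {err}"))
            continue
        if entry["kind"] != "dir":
            continue
        watched = PurePosixPath(entry["path"])
        if install == watched or (entry["include_subdirs"] and watched in install.parents):
            findings.append((n, "install directory is inside this watched directory"))
        risky = sorted(entry["excluded_extensions"] & SCRIPT_EXTS)
        if risky:
            findings.append((n, "script extensions excluded: " + "|".join(risky)))
    return findings

# Constructed sample watch list (not from a real system).
SAMPLE = """/var/www/html/config.php
/var/www/html/wordpress/wp-content/themes, true, .css|.woff|.ttf, 1048576
/opt, true, .log, 1048576
/var/www/html/uploads, true, .php|.jpg, 1048576
/var/www/html/cache, yes, .tmp, 1048576
"""
```

Calling lint(SAMPLE) reports lines 3, 4 and 5 of the constructed list; an empty result means every entry parsed and none of the two checks fired.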

Initial Setup

Run the initial scan to create baseline records:

python3 watchtower.py --silent-scan

Automated Monitoring

Set up cron jobs for routine scanning and for sending queued email alerts (the paths match the install location used above):

* * * * * python3 /opt/file-watchtower/watchtower.py --routine_scan
* * * * * python3 /opt/file-watchtower/watchtower.py --process-email-queue

Command Line Options

  • --routine_scan: Run normal monitoring scan
  • --silent-scan: Create baseline records without alerts
  • --process-email-queue: Send pending email alerts
  • --export-db: Export records to CSV
  • --reset: Clear the database
  • --version: Show version information