Lists

Terms and Conditions
Lists hosted on this site
Email the Postmaster
Tips for posting to public mailing lists

Monitoring File Access (Read / Write)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Monitoring File Access (Read / Write)

Subject: Monitoring File Access (Read / Write)
From: Krishna Monian <email@hidden>
Date: Thu, 17 Jun 2004 14:15:59 -0700 (PDT)

Hi All,

Is it possible to write some sort of kernel mode app
that hooks on to all file system calls / IO calls and
logs all of these ?

I took a look at the File Alteration Monitor (FAM) but
that doesn't achieve this completely. It doesn't log
file reads.

I am basically trying to write a utility that will log
every file that is accessed (read / write) in a
particular directory in the system.

What would be the best way to go about doing this? Is
a kernel hook the only way? Is there anything that has
already been done along these lines (quite sure it
has)?

Any help on this will be greatly appreciated.

Thanks
Krishna Monian

__________________________________
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
http://promotions.yahoo.com/new_mail
_______________________________________________
darwin-kernel mailing list | email@hidden
Help/Unsubscribe/Archives: http://www.lists.apple.com/mailman/listinfo/darwin-kernel
Do not post admin requests to the list. They will be ignored.

Follow-Ups:
- Re: Monitoring File Access (Read / Write)
  - From: Marek Kozubal <email@hidden>
- Re: Monitoring File Access (Read / Write)
  - From: Justin Walker <email@hidden>

Prev by Date: Re: Timers in my NKE
Next by Date: Re: Timers in my NKE
Previous by thread: Re: Timers in my NKE
Next by thread: Re: Monitoring File Access (Read / Write)
Index(es):
- Date
- Thread