Skip to content

File Checksum Sensor

Overview

Subscription

This sensor is only available with Entreprise subscriptions

The File Checksum Sensor in Onagre allows users to monitor the integrity and existence of files within a system. This sensor can either verify if a file exists at a specific location or check its checksum to ensure its content has not been altered.

Configuration Options

When setting up a File Checksum Sensor, the following parameters can be configured:

  • File Path: The absolute or relative path to the file to be checked.
  • Verification Mode:
  • Checksum Validation: Ensures the file’s content matches a predefined hash.
  • File Existence Check: Simply verifies whether the file exists.
  • Hash Algorithm (for checksum validation):
    • MD5
    • SHA-1
    • SHA-256
    • SHA-384
    • SHA-512
  • Expected Hash (for checksum validation): The predefined hash value that the file should match.
  • Check Interval: Defines how often the file should be checked.

Response Validation

The File Checksum Sensor validates responses based on:

  • File Existence: Confirms whether the specified file is present.
  • Checksum Matching: Ensures that the file content has not been modified by comparing its hash against the expected value.

Alerts and Notifications

If the file is missing or its checksum does not match the expected value, the sensor can trigger alerts via:

  • Slack, Microsoft Teams, Discord, Google Chat, Webhooks, Pushover
  • Email Notifications
  • Onagre’s Dashboard for Incident Tracking

Use Cases

  • Ensuring critical configuration files are present in a system.
  • Detecting unauthorized changes to sensitive files.
  • Monitoring file integrity for security compliance.

Deployment

The File Checksum Sensor operates within Onagre’s private agent framework, allowing checks to be performed in secure internal environments.

Summary

The File Checksum Sensor provides two essential monitoring capabilities: verifying file existence and ensuring data integrity through checksum validation. By integrating with modern alerting tools, it helps teams proactively detect missing files or unexpected modifications.