FIM Custom rules for linux

### Description
We need to design and implement a robust set of File Integrity Monitoring (FIM) custom rules for Linux endpoints to enhance detection of unauthorized system changes, persistence mechanisms, and binary tampering.

### Key Objectives

- Detect unauthorized modifications to critical system files, configurations, and binaries.

- Identify persistence mechanisms used by malware or attackers (e.g., startup scripts, cron jobs, systemd units).

- Monitor sensitive directories for privilege escalation attempts.

### Definition of Ready:

- Target files identified.

- False positive risk evaluated.

- Agent test environment available.

### Acceptance Criteria:

- Changes to any of the files generate an alert in Wazuh.

- Alerts contain username, file path, and timestamp.

### Definition of Done:

- Config pushed to repo.

- Documentation updated.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

FIM Custom rules for linux #100

Description

Key Objectives

Definition of Ready:

Acceptance Criteria:

Definition of Done:

Sub-issues

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Uh oh!

FIM Custom rules for linux #100

Description

Description

Key Objectives

Definition of Ready:

Acceptance Criteria:

Definition of Done:

Sub-issues

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions