Host Integrity Monitoring Using Osiris and Samhain

Both Osiris and Samhain sport a modular interface that allows you to extend the functionality of their scan agents. This interface is useful for a number of reasons. First, it allows for a number of developers to contribute to improving the functionality of the software. Second, it keeps the agent code small and manageable. As an administrator, you can add modules to your agents to satisfy the various needs of your deployment; you only have to add the modules that make sense for your environment.
The word "module" can be used to describe many things in software. With some applications (e.g., Apache) you can write modules that can be dynamically linked into the application. Both Osiris and Samhain only allow for static modules, which means that if you want to add or remove the functionality of a module from the agent, you must recompile. This appendix examines ways to customize Osiris and Samhain to extend the monitoring capabilities of their agents. Each section walks through the creation of a simple module and shows you how to test it. The goal here is to teach you the basic procedures so that you can develop your own modules.
Osiris, Samhain, and their modules are all written in C; therefore, it is assumed that you have some familiarity with C programming. You must have a system with a C compiler as well as the latest Osiris and/or Samhain source. Do not attempt to follow these examples on a production system. It...