fastfinder icon indicating copy to clipboard operation
fastfinder copied to clipboard
verified publisher icon codeyourweb

linux install instructions in error

Open dkragen opened this issue 2 years ago • 2 comments

<1> Under fedora 38, there is no directory or file called libyara/.libs. When I installed yara under /usr/local/sbin/, the libraries were installed in /usr/local/lib:

/usr/local/lib/libyara.a /usr/local/lib/libyara.la /usr/local/lib/libyara.so /usr/local/lib/libyara.so.10 #symbolic link pointing to libyara.so.10.0.0 /usr/local/lib/libyara.so.10.0.0

Further, yara libraries need to be updated as custom paths in /etc/ld.so.conf.d as well:

#yara-x86_64.conf

/usr/local/lib

Then, as root ldconfig

<2> Without the addition of the yara ld.so configuration file, using go1.20.4, even after pointing the LDFLAGS to this directory (export CGO_LDFLAGS="-L/usr/local/lib -lyara"), though the build went through (as via go build -tags yara_static -a -ldflags '-s -w' .), trying to run fastfinder resulted in error:

fastfinder: error while loading shared libraries: libyara.so.10: cannot open shared object file: No such file or directory

It might be good to include the above library adjustments in the linux directions.

dkragen avatar Nov 16 '23 19:11 dkragen

Well...it seems this project is pretty abandoned

q2dg avatar Dec 07 '25 22:12 q2dg

Hi,

It's not fully abandonned but i had many others projects to complete before working more on fastfinder initial goal.

I'm currently releasing a huge detection project consisting of a fully open-source SIEM and log ingestion/analysis platform. When the server-side will be fully operational, a cross-platform agent will be distributed as a standalone package and also as a client for this platform.

Fastfinder original features are already integrated in this new project (with many improvements). When it will be done, the original repository will probably be archived to maintain the new one.

If your interested, you can take a look at https://github.com/codeyourweb/sentinel-kit

WARNING: Features are currently under developpement / testing - currently not ready for production usage. I hope to release it by the end of Q1 2026.

codeyourweb avatar Dec 07 '25 22:12 codeyourweb

After quite a few discussions about this project, I decided to keep a standalone version. All the changes made in recent months have been added to this repository in version 3, which includes numerous features (performance & optimizations, improved documentation, unit tests, dependencies upgrade with YARA 4.5.5). In addition, I have added a Docker version for both building and launching the application (to reduce the number of steps required to compile the program manually). Feel free to take a look.

codeyourweb avatar Jan 03 '26 13:01 codeyourweb