Is there a Linux command to monitor reads and writes over a period of time, with what files were accessed and how much data was written?
Something like iotop -Pao (real-time) or iotop -obd (batch) ought to do the job. I don't know if it includes writes to non-physical devices like tmpfs.
Some other commands you might find interesting: iosnoop, fatrace, pidstat, blktrace.
inotifywait -r -m desired/directory
sysdig can monitor and display file IO usage.
See this page for some examples: https://github.com/draios/sysdig/wiki/Sysdig-Examples#disk-io
Iotop, lsof
They won't do exactly what you want but will get you partway there
For read/write ops or disk usage over time, I would usually use a monitoring system like Prometheus and Grafana.
When you start talking about what specific files are accessed and when, that's usually up to an intrusion detection system (or IDS). I don't have good recommendations for that unfortunately.