USBGuard

Install via pacman.

pacman -S usbguard

Generate policy:

sudo usbguard generate-policy > /etc/usbguard/rules.conf

After generating the config, start the daemon.

sudo systemctl enable --now usbguard

USBGuard Notifier

This will show notifications for USB related events.

Install notifier.

yay -S usbguard-notifier

Edit the config of the usbguard-daemon to allow your user or the group wheel access to the IPC socket and restart usbguard. The file is well documented; see the configuration in the web here.

In /etc/usbguard/usbguard-daemon.conf:

IPCAllowedGroups=wheel

Restart the service.

sudo systemctl restart usbguard

Enable usbguard-notifier service.

systemctl enable --user usbguard-notifier.service

Check for IPC connection errors in the user based log of usbguard-notifier as well as the usbguard log.

journalctl -efu usbguard
journalctl --user -efu usbguard-notifier