Re: OpenBSM: does somebody work on it?
On Jun 29, 2011, at 5:59 AM, Lev Serebryakov wrote:
> Hello, Freebsd-security.
>=20
> I'm trying to use audit, and has some problems. First one is
> impossiblity to create custom event class, and second one I hit is
> with auditreduce(1)
>=20
> auditreduce doesn't filter events by date (-b/-a/-d options with any
> arguments produces empty output), it doesn't merge files properly and
> doesn't pick up files automagically, as Solaris' one does. It doesn't
> have -C/-M/-O functionality of Solaris' one, too. So, proper merging
> of audit trial files seems to be impossible :(
>=20
> I could try to fix & extend auditreduce(1), but does somebdy but me
> need it?
>=20
> Does somebody use audit on FreeBSD on production systems?
FYI, a better place to discuss this would be the trustedbsd-audit =
mailing list. There are quite of few people that use OpenBSM in =
production on FreeBSD and Mac OS X that hang out on that list usually.
Regards,
-stacey.=
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 4 之 8 篇):