[audit-notify] pre-PSARC Remote Audit Trail Storage - initial import of audit_tcp and rauditd
tomas.zeman at sun.com
tomas.zeman at sun.com
Fri Mar 16 04:15:23 PDT 2007
Author: "Tomas Zeman <tomas.zeman at sun.com>"
Repository: /hg/audit/patches
Latest revision: 17e2bd3d4c2bd1202cf82e0feb8c8ace6987c177
Total changesets: 1
Log message:
pre-PSARC Remote Audit Trail Storage - initial import of audit_tcp and rauditd
http://opensolaris.org/os/project/audit/projects/remote_storage
audit_tcp:
- auditd(1m) plugin sending audit records via a tcp connection to remote
hosts (with failover)
- configuration compliant with audit_control(4)
rauditd:
- tcp server logging audit records from remote hosts
- configurable via smf/scf, manifest included
- Solaris event ports API, worker threads
- generalized audit_binfile plugin used for logging
TODO:
- IPv6
- better communication protocol (ack-ing to ensure reliability)
Files:
create: audit_tcp.patch
create: rauditd.patch
update: series
More information about the audit-notify
mailing list