OpenBSM: does somebody work on it?
- From: Lev Serebryakov <lev@xxxxxxxxxxx>
- Date: Wed, 29 Jun 2011 14:59:15 +0400
I'm trying to use audit, and has some problems. First one is
impossiblity to create custom event class, and second one I hit is
auditreduce doesn't filter events by date (-b/-a/-d options with any
arguments produces empty output), it doesn't merge files properly and
doesn't pick up files automagically, as Solaris' one does. It doesn't
have -C/-M/-O functionality of Solaris' one, too. So, proper merging
of audit trial files seems to be impossible :(
I could try to fix & extend auditreduce(1), but does somebdy but me
Does somebody use audit on FreeBSD on production systems?
// Black Lion AKA Lev Serebryakov <lev@xxxxxxxxxxx>
freebsd-security@xxxxxxxxxxx mailing list
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Prev by Date: Re: How to add new audit class?
- Next by Date: Re: OpenBSM: does somebody work on it?
- Previous by thread: How to add new audit class?
- Next by thread: Re: OpenBSM: does somebody work on it?