07-08-2008
Parsing Powerbroker Logs for SysAdmin Changes (SOX)
I need to identify a list of AIX command strings that can be used to parse Powerbroker logs for changes that are being made by Unix SysAdmins. Need to filter out (as much as possible) inquiry or routine maintenance activity and concentrate on software/security changes.
This is for internal SOX monitoring (control self-assessment) - I am not an auditor.
Can anyone help? Suggestions?
ods-auditor
ODS-AUDITOR(1) OpenDNSSEC ODS-AUDITOR(1)
NAME
ods-auditor - auditor component of OpenDNSSEC
SYNOPSIS
ods-auditor [options]
DESCRIPTION
ods-auditor is a module which provides auditing capabilities to OpenDNSSEC.
Once an unsigned zone has been signed, this module is used to check that the signing process has run successfully. It checks that no data
has been lost (or non-DNSSEC data added), and that all the DNSSEC records are correct. It uses the OpenDNSSEC standard logging (defined in
/etc/opendnssec/conf.xml).
The Auditor takes the signed and unsigned zones and compares them. It first parses both files, and creates transient files which are then
sorted into canonical order. These files are then processed by the Auditor. If processing an NSEC3-signed file, the Auditor will create
additional temporary files, which are processed after the main auditing run.
Specific options:
-c, --conf [PATH_TO_CONF_FILE]
Path to OpenDNSSEC configuration file
(defaults to /etc/opendnssec/conf.xml)
-k, --kasp [PATH_TO_KASP_FILE]
Path to KASP policy file
(defaults to the path given in the configuration file)
-z, --zone [ZONE_NAME]
Single zone to audit
(defaults to audit all zones)
-s, --signed [PATH_TO_SIGNED_FILE]
If a single zone is specified, then this option may override the specified signed file with another. This is for use by the signer.
(defaults to the path given in the zone list)
-v, --version
Display version information
Common options:
-h, -?, --help
Show this message
ods-auditor 1.0.0rc3 January 2010 ODS-AUDITOR(1)