The audit package contains the user-space utilities for creating audit rules, as well as for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 kernel. It also has a basic Intrusion Detection plugin based on audit events capable of IDMEF alerting using prelude.
License: GNU General Public License (GPL)
Changes:
This release corrects a build problem including ipc.h from the 1.7.1 release. It also adds searching by login session ID for 2.6.25 kernel records.