The audit package contains the user-spaceutilities for creating audit rules, as well as forstoring and searching the audit records generateby the audit subsystem in the Linux 2.6 kernel. It also has a basic Intrusion Detection plugin based on audit events capable of IDMEF alerting using prelude.
License: GNU General Public License (GPL)
Changes:
This release fixes another problem in interpreting keys in rules. A key report has been added to aureport. Support has been added for an audit rule filetype option available in the upcoming 2.6.26 kernel. The system config audit has been updated.
More...