audit daemon 1.7.11 (Default branch)


 
Posted 01-11-2009

The audit package contains the user-space utilities for creating audit rules, as well as for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 kernel. It also has a basic Intrusion Detection plugin based on audit events capable of IDMEF alerting using prelude.

License: GNU General Public License (GPL)

Changes:
This release fixes several bugs in remote logging. auditd now leaves the old log writable if rotation fails. On kernels with both 64-bit and 32-bit syscalls, auditctl will now warn if a syscall rule attempts to cover both and the 64/32-bit syscall numbers do not match. A bug was fixed in the auparse library where it was not including single key fields in the audit records.
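
The 64/32-bit mismatch that auditctl now warns about can also be caught by checking a rules file before it is loaded. The following is an added example, not code from the audit package or from the original post; the syscall-number table is a constructed subset of the x86_64 and i386 tables, the sample rules are constructed, and the function names are hypothetical.

```python
import shlex

# Constructed subset of the syscall tables: name -> (x86_64 number, i386 number).
SYSCALL_NR = {"open": (2, 5), "execve": (59, 11), "chmod": (90, 15), "unlink": (87, 10)}

def lint_rule(rule):
    """Return the syscalls in one rule whose meaning depends on the ABI."""
    try:
        args = shlex.split(rule, comments=True)
    except ValueError:
        return []  # unbalanced quotes: not a rule this check can judge
    syscalls, has_arch = [], False
    for flag, value in zip(args, args[1:]):
        if flag == "-S":
            syscalls.extend(value.split(","))
        elif flag == "-F" and value.startswith("arch="):
            has_arch = True
    if has_arch:
        return []  # rule is pinned to one ABI, so one syscall table applies
    ambiguous = []
    for name in syscalls:
        numbers = SYSCALL_NR.get(name)
        # A raw number is looked up per ABI; a name is ambiguous when its
        # two numbers differ. Names missing from the table are not judged.
        if name.isdigit() or (numbers and numbers[0] != numbers[1]):
            ambiguous.append(name)
    return ambiguous

def lint_rules(text):
    """Map 1-based line numbers to the ambiguous syscalls of each flagged rule."""
    hits = ((n, lint_rule(line)) for n, line in enumerate(text.splitlines(), 1))
    return {n: found for n, found in hits if found}

# Constructed sample in audit.rules syntax.
SAMPLE_RULES = """\
# record program execution
-a always,exit -S execve -k exec
-a always,exit -F arch=b64 -S execve -k exec64
-a always,exit -F arch=b32 -S execve -k exec32
-a always,exit -S 2 -S chmod -k perm
-w /etc/passwd -p wa -k identity
"""

if __name__ == "__main__":
    for lineno, names in sorted(lint_rules(SAMPLE_RULES).items()):
        print(f"line {lineno}: add -F arch=b64/b32 for {', '.join(names)}")
```

Rules that are flagged are best split into one rule per ABI, each with its own `-F arch=` filter, as lines 3 and 4 of the sample do.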

audit_data(4)                    File Formats                    audit_data(4)

NAME
     audit_data - current information on audit daemon

SYNOPSIS
     /etc/security/audit_data

DESCRIPTION
     The audit_data file contains information about the audit daemon. The
     file contains the process ID of the audit daemon, and the pathname of
     the current audit log file. The format of the file is:

          <pid>:<pathname>

     Where pid is the process ID for the audit daemon, and pathname is the
     full pathname for the current audit log file.

EXAMPLES
     Example 1: A sample audit_data file.

          64:/etc/security/audit/server1/19930506081249.19930506230945.bongos

FILES
     /etc/security/audit_data

ATTRIBUTES
     See attributes(5) for descriptions of the following attributes:

     +-----------------------------+-----------------------------+
     |       ATTRIBUTE TYPE        |       ATTRIBUTE VALUE       |
     +-----------------------------+-----------------------------+
     |Interface Stability          |Obsolete                     |
     +-----------------------------+-----------------------------+

SEE ALSO
     audit(1M), auditd(1M), bsmconv(1M), audit(2), audit_control(4),
     audit.log(4)

NOTES
     The functionality described on this manual page is internal to
     audit(1M) and might not be supported in a future release. The auditd
     utility is the only supported mechanism to communicate with
     auditd(1M). The current audit log can be determined by examining the
     configured audit directories. See audit_control(4).

     The functionality described on this manual page is available only if
     the Basic Security Module (BSM) has been enabled. See bsmconv(1M) for
     more information.

SunOS 5.10                       14 Nov 2002                     audit_data(4)