Linux Audit | ||||
|
Download: The latest is 2.0.3, released Oct 17, 2009. ChangeLog audit-2.0.3-1.src.rpm need kernel-headers>=2.6.30 audit-2.0.3-1.src.rpm need kernel-headers>=2.6.30 audit-2.0.1.tar.gz need new headers audit-2.0.1.tar.gz need new headers RHEL-5 audit-1.7.16-1.src.rpm need glibc-kernheaders>=3.0-14 audit-1.7.16.tar.gz need new headers audit-1.7.14-1.src.rpm need glibc-kernheaders>=3.0 audit-1.7.14.tar.gz need new headers RHEL-4 audit-1.0.16-1.src.rpm need glibc-kernheaders>=2.4-9.1.95 audit-1.0.16.tar.gz need new headers You can compile the source rpm like this: |
Future Direction2.0 Clean out old APIs and protocols 2.0 -> 2.1 More IDS/IPS work Technical Resourcessvn co http://svn.fedorahosted.org/svn/audit or browse audit code Specs The specs to the Audit Event Parsing Library The specs to the Auditd Real-time Event Interface FAQ Audit System FAQ Articles: Audit + Prelude HOWTO Article about audit log visualization Mail List There is a mail list to discuss the linux audit system. Please join if you have any questions or like this topic. Presentations: Presentation given at Red Hat Summit 2008 about audit system and the prelude plugin Presentation given at Red Hat Summit 2007 about audit system and layering an IDS/IPS on it Slides from audit BoFs at SE Linux Symposium 2007 Slides from audit BoFs at SE Linux Symposium 2006 |
|||