Linux Audit | ||||
|
Download: The latest is 2.6.7, released Spetember 11, 2016. RHEL-5 audit-1.8-1.src.rpm need glibc-kernheaders>=3.0 audit-1.8.tar.gz need new headers audit-1.7.18-1.src.rpm need glibc-kernheaders>=3.0 audit-1.7.18.tar.gz need new headers RHEL-4 audit-1.0.16-1.src.rpm need glibc-kernheaders>=2.4-9.1.95 audit-1.0.16.tar.gz need new headers You can compile the source rpm like this: |
Future Direction2.7 -> 3.0 Reactive component for IPS Technical Resourcessvn co http://svn.fedorahosted.org/svn/audit or browse audit code Mail List There is a mail list to discuss the linux audit system. Please join if you have any questions or like this topic. IRC We have #audit on freenode Specs The specifications have moved to github. The following will be left in place for a while and then removed. The specs around How to write good events Dictionary of event field names in csv format The specs around System Lifecycle events The specs around User Login Lifecycle events The specs around User Account Lifecycle events The draft specs for Audit Event Enrichment The specs to the Audit Event Parsing Library The specs to the Auditd Real-time Event Interface A diagram showing Audit System State Articles: Audit + Prelude HOWTO Article about audit log visualization Presentations: Updated version of the 2007 Red Hat Summit slides about audit system and layering an IDS/IPS on it Presentation given at Red Hat Summit 2008 about audit system and the prelude plugin Presentation given at Red Hat Summit 2007 about audit system and layering an IDS/IPS on it Slides from audit BoFs at SE Linux Symposium 2007 Slides from audit BoFs at SE Linux Symposium 2006 FAQ Audit System FAQ Test Suites ausearch-test-0.5 audit-validation-0.1 |
|||
