[Fed-Talk] Anyone working with audit trails?
[Fed-Talk] Anyone working with audit trails?
- Subject: [Fed-Talk] Anyone working with audit trails?
- From: Todd Heberlein <email@hidden>
- Date: Sun, 22 May 2005 20:06:40 -0700
All,
Is anyone using Apple's BSM audit trails?
And in particular, is anyone parsing the binary audit records?
I have started some of this work, and I have found some interesting
issues along the way (for example, the AUE_EXECVE audit record does not
match the spec in the SunSHIELD document). I would love to find a
development community working on the audit trails (and thus, probably
running into the same issues).
Thanks,
Todd
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden