Re: [Fed-Talk] Audit Log Viewer Replacement
Re: [Fed-Talk] Audit Log Viewer Replacement
- Subject: Re: [Fed-Talk] Audit Log Viewer Replacement
- From: David Wilson <email@hidden>
- Date: Thu, 22 May 2008 22:52:13 -0400
On May 22, 2008, at 9:51 PM, Todd Heberlein wrote:
On Thursday, May 22, 2008, at 06:10PM, "David Wilson" <email@hidden
> wrote:
I've developed a replacement for Apple's Audit Log Viewer that comes
with the common criteria tools. It fixes a number of defects in that
and adds some new functionality (flagging events that touch NISPOM
chap 8, event searching, opening multiple log files at once, simple
reporting, etc).
I've found BSM for Leopard on my MacBook Pro completely broken. Have
you been able to get it to audit arbitrary processes?
Todd
Not at all, to my great dismay. My viewer targets Tiger, not Leopard,
for exactly that reason- I had to go back and stop using some leopard-
only features once I realized that the leopard auditing was failing so
badly. Unfortunately, I don't have the time to devote to trying to fix
BSM on leopard myself, so we're stuck with Tiger here for anything
secure until Apple gets around to releasing a set of CC tools that
actually *work*...
-- David Wilson
Princeton Satellite Systems
Software Engineer, ISSM
609-279-9606
email@hidden
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden