Re: [Fed-Talk] Audit Log Viewer Replacement
Re: [Fed-Talk] Audit Log Viewer Replacement
- Subject: Re: [Fed-Talk] Audit Log Viewer Replacement
- From: "Dan O'Donnell" <email@hidden>
- Date: Fri, 23 May 2008 13:30:05 -0700
- Thread-topic: [Fed-Talk] Audit Log Viewer Replacement
David,
We are interested in your audit log viewer.
Wishlist (thusfar):
Universal binary, so it runs on both PPC and Intel.
It would be nice if it could forward logs from the host machine(s) that
created them to another network host or server.
We're currently looking at adapting a system built for syslog collection and
data mining, but it will require some adaptation to handle audit logs.
--
Dan O'Donnell
ISSO
RAND Corporation
1776 Main St.
PO Box 2138
Santa Monica CA 90407-2138
310-393-0411 x6637
email@hidden
email@hidden
On 5/23/08 12:04 PM, "email@hidden"
<email@hidden> wrote:
> Message: 2
> Date: Thu, 22 May 2008 21:09:51 -0400
> From: David Wilson <email@hidden>
> Subject: [Fed-Talk] Audit Log Viewer Replacement
> To: email@hidden
>
> I've developed a replacement for Apple's Audit Log Viewer that comes
> with the common criteria tools. It fixes a number of defects in that
> and adds some new functionality (flagging events that touch NISPOM
> chap 8, event searching, opening multiple log files at once, simple
> reporting, etc).
>
> At the moment I've only got it set up for my own in-house use, but
> with a bit of cleanup that I have the go-ahead to do I could release
> it as an open source project. Is there interest in this here, and are
> there any features people would like to see pop up during the cleanup?
>
> -- David Wilson
> Princeton Satellite Systems
> Software Engineer, ISSM
> 609-279-9606
> email@hidden
__________________________________________________________________________
This email message is for the sole use of the intended recipient(s) and
may contain confidential information. Any unauthorized review, use,
disclosure or distribution is prohibited. If you are not the intended
recipient, please contact the sender by reply email and destroy all copies
of the original message.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden