Re: [Fed-Talk] Future of Apple's BSM auditing?
Re: [Fed-Talk] Future of Apple's BSM auditing?
- Subject: Re: [Fed-Talk] Future of Apple's BSM auditing?
- From: Chris Stone via Fed-talk <email@hidden>
- Date: Wed, 02 Jun 2021 16:13:40 +0000
- Thread-topic: [Fed-Talk] Future of Apple's BSM auditing?
Hi Todd,
I hope you are well. We announced at WWDC 2020 that the Endpoint Security
Framework is intended to be a replacement for the BSM subsystem, among other
things. The comment was made in the opening of this video.
https://developer.apple.com/wwdc20/10159
Check out Build an Endpoint Security app from #wwdc20
Chris Stone
Apple Inc
410-245-7543
> On Jun 2, 2021, at 12:00 PM, Todd Heberlein via Fed-talk
> <email@hidden> wrote:
>
> After not working on Apple’s BSM auditing system for a few years, I just took
> a quick look at some of the commands.
>
> Apple is listing all the man pages for audit, auditd, praudit, etc. as
> deprecated.
>
> Have there been any discussions about Apple’s future support for BSM audit
> system?
>
>
> Thanks,
>
> Todd
>
>
>
> AUDITD(8) BSD System Manager's Manual AUDITD(8)
>
> NAME
> auditd -- audit log management daemon
>
> SYNOPSIS (NOW DEPRECATED)
> auditd [-d | -l]
>
> DESCRIPTION
> The auditd daemon responds to requests from the audit(8) utility and
> notifications from the ker-
> nel. It manages the resulting audit log files and specified log file
> locations.
> ...
> _______________________________________________
> Do not post admin requests to the list. They will be ignored.
> Fed-talk mailing list (email@hidden)
> Help/Unsubscribe/Update your Subscription:
>
> This email sent to email@hidden
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Fed-talk mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden