svn commit: r49551 - head/en_US.ISO8859-1/htdocs/news/status
Benjamin Kaduk
bjk at FreeBSD.org
Sun Oct 23 22:02:08 UTC 2016
Author: bjk
Date: Sun Oct 23 22:02:07 2016
New Revision: 49551
URL: https://svnweb.freebsd.org/changeset/doc/49551
Log:
Add audit log conversion entry from Mateusz Piotrow
Modified:
head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml
Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml Sun Oct 23 21:12:52 2016 (r49550)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml Sun Oct 23 22:02:07 2016 (r49551)
@@ -560,4 +560,63 @@
<task>Continue working on unstable releases.</task>
</help>
</project>
+
+ <project cat='gsoc'>
+ <title>Non-BSM to BSM Conversion Tools</title>
+
+ <contact>
+ <person>
+ <name>
+ <given>Mateusz</given>
+ <common>Piotrowski</common>
+ </name>
+ <email>0mp at FreeBSD.org</email>
+ </person>
+ </contact>
+
+ <links>
+ <url href="https://wiki.FreeBSD.org/SummerOfCode2016/NonBSMtoBSMConversionTools">Wiki Page</url>
+ <url href="https://github.com/0mp/FreeBSD">GitHub Repository</url>
+ <url href="https://github.com/0mp/FreeBSD/pull/9">Pull Request With Consolidated Patch</url>
+ </links>
+
+ <body>
+ <p>This project was started during Google Summer of Code this year.
+ The aim was to create a library which can convert the audit trail
+ files in Linux Audit format or the format used by Windows to the BSM
+ format (the format &os; uses for its audit logs). Apart from that,
+ I wanted to create a simple command-line tool and extend
+ <tt>auditdistd</tt> so that it is possible to send non-BSM logs to
+ <tt>auditdistd</tt> over a secure connection and save those audit
+ logs on disk, preferably in the BSM format.</p>
+
+ <p>So far, it is possible to reasonably convert some of the most
+ common Linux audit log events to BSM, but it still needs a lot of
+ work. Secondly, I was able to configure <tt>auditdistd</tt> to
+ communicate with CentOS over an insecure connection. Thirdly, the
+ command-line tool is usable but not perfect.</p>
+
+ <p>The present work focuses on configuring the secure TLS connection
+ between CentOS and <tt>auditdistd</tt>. I've already tried using
+ rsyslogd but wasn't able to make it work.</p>
+ </body>
+
+ <sponsor>
+ Google Summer of Code
+ </sponsor>
+
+ <help>
+ <task>I need more examples of rare Linux Audit logs; please send me
+ some examples if you have any. It is much easier to improve the
+ conversion process with real-life examples of the audit events you
+ try to convert.</task>
+
+ <task>Configure <tt>auditdistd</tt> to be able to communicate with some
+ software on CentOS over TLS in order to receive audit logs. I
+ wasn't able to come up with a simple solution for that.</task>
+
+ <task>Additional open tasks are listed on the Wiki page and in the
+ TODO file in the root directory of the project.</task>
+ </help>
+ </project>
</report>
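Review bot: The second body paragraph says auditdistd was configured to "communicate with CentOS over an insecure connection" without saying what "insecure" means here or which software on the CentOS side sends the logs. Since this is an audit-trail transport, the entry should state that this is a test setup only and name the sender, so readers do not take it as a working configuration. The first paragraph's "the format used by Windows" would also be clearer with the format named. The second help task repeats the TLS point from the last body paragraph, so one of the two could be shortened to a reference to the other.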