svn commit: r49551 - head/en_US.ISO8859-1/htdocs/news/status

Benjamin Kaduk bjk at FreeBSD.org
Sun Oct 23 22:02:08 UTC 2016 

Author: bjk
Date: Sun Oct 23 22:02:07 2016
New Revision: 49551
URL: https://svnweb.freebsd.org/changeset/doc/49551

Log:
  Add audit log conversion entry from Mateusz Piotrow

Modified:
  head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml

Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml
==============================================================================
--- head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml	Sun Oct 23 21:12:52 2016	(r49550)
+++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml	Sun Oct 23 22:02:07 2016	(r49551)
@@ -560,4 +560,63 @@
       <task>Continue working on unstable releases.</task>
     </help>
   </project>
+
+  <project cat='gsoc'>
+    <title>Non-BSM to BSM Conversion Tools</title>
+
+    <contact>
+      <person>
+	<name>
+	  <given>Mateusz</given>
+	  <common>Piotrowski</common>
+	</name>
+	<email>0mp at FreeBSD.org</email>
+      </person>
+    </contact>
+
+    <links>
+      <url href="https://wiki.FreeBSD.org/SummerOfCode2016/NonBSMtoBSMConversionTools">Wiki Page</url>
+      <url href="https://github.com/0mp/FreeBSD">GitHub Repository</url>
+      <url href="https://github.com/0mp/FreeBSD/pull/9">Pull Request With Consolidated Patch</url>
+    </links>
+
+    <body>
+      <p>This project was started during Google Summer of Code this year.
+	The aim was to create a library which can convert the audit trail
+	files in Linux Audit format or the format used by Windows to the BSM
+	format (the format &os; uses for its audit logs).  Apart from that,
+	I wanted to create a simple command-line tool and extend
+	<tt>auditdistd</tt> so that it is possible to send non-BSM logs to
+	<tt>auditdistd</tt> over a secure connection and save those audit
+	logs on disk, preferably in the BSM format.</p>
+
+      <p>So far, it is possible to reasonably convert some of the most
+	common Linux audit log events to BSM, but it still needs a lot of
+	work.  Secondly, I was able to configure <tt>auditdistd</tt> to
+	communicate with CentOS over an insecure connection.  Thirdly, the
+	command-line tool is usable but not perfect.</p>
+
+      <p>The present work focuses on configuring the secure TLS connection
+	between CentOS and <tt>auditdistd</tt>.  I've already tried using
+	rsyslogd but wasn't able to make it work.</p>
+    </body>
+
+    <sponsor>
+      Google Summer of Code
+    </sponsor>
+
+    <help>
+      <task>I need more examples of rare Linux Audit logs; please send me
+	some examples if you have any.  It is much easier to improve the
+	conversion process with real-life examples of the audit events you
+	try to convert.</task>
+
+      <task>Configure <tt>auditdistd</tt> to be able to communicate with some
+	software on CentOS over TLS in order to receive audit logs.  I
+	wasn't able to come up with a simple solution for that.</task>
+
+      <task>Additional open tasks are listed on the Wiki page and in the
+	TODO file in the root directory of the project.</task>
+    </help>
+  </project>
 </report>

More information about the svn-doc-head mailing list