Receiving Linux Audit trails with auditdistd

Repository

https://github.com/0mp/audisp-auditdistd/

The aim of this project is to develop a solution that lets the auditdistd daemon running on FreeBSD receive audit trails generated by the Linux Audit subsystem.


Modified auditdistd

Idea
Modify auditdistd so that it can be used directly as a plugin for audispd (Linux Audit plugins receive logs through standard input).

Advantages

Disadvantages

Tasks

Files

  • (2018-02-02T01:14:42+0000, 33.2 KB) [[attachment:output-of-strace-of-client-auditdistd-on-linux-as-of-db400c6b5886454992cd0ea1514fd4608067df7d.txt]]

References & notes



MateuszPiotrowski/Audit/ReceivingLinuxAuditTrailsWithAuditdistd (last edited 2018-09-11T09:04:39+0000 by MateuszPiotrowski)