[Freeipa-users] Future audit feature
John Dennis
jdennis at redhat.com
Mon Feb 13 16:23:29 UTC 2012
On 02/13/2012 09:14 AM, Marco Pizzoli wrote:
> Hi guys,
> I'm interested to know what is the expected feature that I have to
> expect from the Audit part of IPA.
>
> I had a look at this: http://www.freeipa.org/page/Audit_Design_Overview
> I see that are mentioned watchers on directories for alerting on file
> alterations.
> What is the final high-level purpose? I suppose not only anti tampering...
The audit portion of IPA has been put on hold while we focus on on the
core identity and policy components.
A significant part of the audit component was collecting log information
from all services on a host and aggregating them on a central server for
analysis and archiving. The directory watching you saw on the
aforementioned page is exactly for the purposes of watching log file
manipulation.
There has been a *lot* of recent discussion on how to perform logging
in the larger community as well as capturing auditable system events. As
yet there hasn't been a consensus. Until such time as a consensus forms
around the methods, tools, and libraries in this domain we won't proceed
further with the A part of IPA. However, we are actively participating
in these discussions.
--
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
More information about the Freeipa-users
mailing list