[Freeipa-users] Future audit feature

Dmitri Pal dpal at redhat.com
Mon Feb 13 17:27:30 UTC 2012 

On 02/13/2012 11:28 AM, Marco Pizzoli wrote:
> Hi John,
>
> On Mon, Feb 13, 2012 at 5:23 PM, John Dennis <jdennis at redhat.com
> <mailto:jdennis at redhat.com>> wrote:
>
>     On 02/13/2012 09:14 AM, Marco Pizzoli wrote:
>
>         Hi guys,
>         I'm interested to know what is the expected feature that I have to
>         expect from the Audit part of IPA.
>
>         I had a look at this:
>         http://www.freeipa.org/page/Audit_Design_Overview
>         I see that are mentioned watchers on directories for alerting
>         on file
>         alterations.
>         What is the final high-level purpose? I suppose not only anti
>         tampering...
>
>
>     The audit portion of IPA has been put on hold while we focus on on
>     the core identity and policy components.
>
>
> Yes, I'm aware of this.
>  
>
>     A significant part of the audit component was collecting log
>     information from all services on a host and aggregating them on a
>     central server for analysis and archiving. The directory watching
>     you saw on the aforementioned page is exactly for the purposes of
>     watching log file manipulation.
>
>
> Good.
>  
>
>     There has been a *lot* of recent discussion on how to perform
>     logging in the larger community as well as capturing auditable
>     system events. As yet there hasn't been a consensus. Until such
>     time as a consensus forms around the methods, tools, and libraries
>     in this domain we won't proceed further with the A part of IPA.
>     However, we are actively participating in these discussions.
>
>
> I'm very interest in this topic. Please, could you tell me where I can
> read these discussions?

Some of them are internal to Red Hat just because we want to understand
the use cases before we wrap our head around the audit on OS level and
reach out to different communities looking for ideas. There will be some
discussions on the developer conference in Brno later this week.
I will keep you updated as soon as I have something to share.

>
> Thanks!
>      Marco
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users


-- 
Thank you,
Dmitri Pal

Sr. Engineering Manager IPA project,
Red Hat Inc.


-------------------------------
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/



-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/freeipa-users/attachments/20120213/9ec2bee6/attachment.htm>

More information about the Freeipa-users mailing list