<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
On 02/13/2012 11:28 AM, Marco Pizzoli wrote:
<blockquote
cite="mid:CAMrrtwtKNw4aFXCBLUmwfDkvwhAjwq2FeZXxW1wHZ9Ah2VbV5Q@mail.gmail.com"
type="cite">Hi John,<br>
<br>
<div class="gmail_quote">On Mon, Feb 13, 2012 at 5:23 PM, John
Dennis <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jdennis@redhat.com">jdennis@redhat.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
<div class="HOEnZb">
<div class="h5">On 02/13/2012 09:14 AM, Marco Pizzoli wrote:<br>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
Hi guys,<br>
I'm interested to know what is the expected feature that
I have to<br>
expect from the Audit part of IPA.<br>
<br>
I had a look at this: <a moz-do-not-send="true"
href="http://www.freeipa.org/page/Audit_Design_Overview"
target="_blank">http://www.freeipa.org/page/Audit_Design_Overview</a><br>
I see that are mentioned watchers on directories for
alerting on file<br>
alterations.<br>
What is the final high-level purpose? I suppose not only
anti tampering...<br>
</blockquote>
<br>
</div>
</div>
The audit portion of IPA has been put on hold while we focus
on on the core identity and policy components.<br>
</blockquote>
<div><br>
Yes, I'm aware of this.<br>
</div>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
A significant part of the audit component was collecting log
information from all services on a host and aggregating them
on a central server for analysis and archiving. The directory
watching you saw on the aforementioned page is exactly for the
purposes of watching log file manipulation.<br>
</blockquote>
<div><br>
Good.<br>
</div>
<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt
0.8ex; border-left: 1px solid rgb(204, 204, 204);
padding-left: 1ex;">
There has been a *lot* of recent discussion on how to perform
logging in the larger community as well as capturing auditable
system events. As yet there hasn't been a consensus. Until
such time as a consensus forms around the methods, tools, and
libraries in this domain we won't proceed further with the A
part of IPA. However, we are actively participating in these
discussions.<span class="HOEnZb"><font color="#888888"><br>
</font></span></blockquote>
<div><br>
I'm very interest in this topic. Please, could you tell me
where I can read these discussions? <br>
</div>
</div>
</blockquote>
<br>
Some of them are internal to Red Hat just because we want to
understand the use cases before we wrap our head around the audit on
OS level and reach out to different communities looking for ideas.
There will be some discussions on the developer conference in Brno
later this week.<br>
I will keep you updated as soon as I have something to share.<br>
<br>
<blockquote
cite="mid:CAMrrtwtKNw4aFXCBLUmwfDkvwhAjwq2FeZXxW1wHZ9Ah2VbV5Q@mail.gmail.com"
type="cite">
<div class="gmail_quote">
<div><br>
Thanks!<br>
Marco<br>
</div>
</div>
<br>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
Freeipa-users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-users@redhat.com">Freeipa-users@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-users">https://www.redhat.com/mailman/listinfo/freeipa-users</a></pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">--
Thank you,
Dmitri Pal
Sr. Engineering Manager IPA project,
Red Hat Inc.
-------------------------------
Looking to carve out IT costs?
<a class="moz-txt-link-abbreviated" href="http://www.redhat.com/carveoutcosts/">www.redhat.com/carveoutcosts/</a>
</pre>
</body>
</html>