audit 1.6.1 released
Steve Grubb
sgrubb at redhat.com
Sun Sep 2 16:26:35 UTC 2007
Hi,
I've just released a new version of the audit daemon. It can be downloaded
from http://people.redhat.com/sgrubb/audit It will also be in rawhide
soon. The Changelog is:
- External plugin support in place
- Updated system-config-audit with some bug fixes. (Miloslav Trmac)
- Add missing newline to string output of event dispatcher.
- Fix reference counting in auparse python bindings (#263961)
- Moved default af_unix plugin socket to /var/run/audispd_events
This release finalizes support for external audit event dispatcher plugins.
I've included a sample plugin that simply writes to syslog any events it
receives. At this point i think people can start writing plugins to do
analysis work, protocol conversion, alerting, or remote logging. At some
point, I will update the plugin sample to should how the audit parsing
library could be used to watch for bad logins and syslog it.
Please let me know if you run across any problems with this release.
-Steve
More information about the Linux-audit
mailing list