Cooked audit log format
LC Bruzenak
lenny at magitekltd.com
Mon May 12 15:50:35 UTC 2008
Q: Will the (hopefully) soon-to-be released visualization tool have any
influence on this discussion? Also aggregation?
My hope is that I'd only look at human-readable audit data which is
aggregated on one central repository. For me that means the transfer
sizes are important. Ideally to me, the data would be raw/compressed and
sent to a common place with guaranteed delivery.
It would be at that point where the visualization, cooking, translating,
etc. occurs. The more the better. :)
Regardless, my original question was would more cooking find its way
into the visualization tool? And any idea of when that may be released?
LCB.
--
LC (Lenny) Bruzenak
lenny at magitekltd.com
More information about the Linux-audit
mailing list