audit-testsuite usage
Burn Alting
burn at swtf.dyndns.org
Mon May 8 09:07:24 UTC 2017
Richard,
I have yet to start using the test suite, but I am looking for a Linux
auditd testing capability which will provide
- a human readable description of the user or system entity's
interaction with Linux for a given test
- the commands that enact the above test
- the resultant auditd file which I can run though ausearch
-i/aushape for processing
And generate this for each possible event and event sub-variant (e.g
iterate over all syscalls and variants) that the Linux kernel and other
mainstream utilities can generate.
I have been through https://sourceforge.net/projects/audit-test/ but
this is problematic as it was difficult to get all the above AND pump
the output into ausearch -i as it was processing.
Rgds
On Sun, 2017-05-07 at 12:43 -0400, Richard Guy Briggs wrote:
> Hi folks,
>
> We're trying to get an idea of how many users there are for the
> relatively new https://github.com/linux-audit/audit-testsuite and how
> they are using it or would like to use it to help inform decisions about
> how to manage the suite so that it is still useful to us but not prevent
> some other unforseen reasonable use cases.
>
> Who is using it?
>
> How/Why?
>
>
> Thanks!
>
>
> - RGB
>
> --
> Richard Guy Briggs <rgb at redhat.com>
> Sr. S/W Engineer, Kernel Security, Base Operating Systems
> Remote, Ottawa, Red Hat Canada
> IRC: rgb, SunRaycer
> Voice: +1.647.777.2635, Internal: (81) 32635
>
> --
> Linux-audit mailing list
> Linux-audit at redhat.com
> https://www.redhat.com/mailman/listinfo/linux-audit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20170508/4a29cc17/attachment.htm>
More information about the Linux-audit
mailing list