On 02/13/2012 09:14 AM, Marco Pizzoli wrote:
Hi guys,
I'm interested to know what is the expected feature that I have to
expect from the Audit part of IPA.

I had a look at this: http://www.freeipa.org/page/Audit_Design_Overview
I see that are mentioned watchers on directories for alerting on file
alterations.
What is the final high-level purpose? I suppose not only anti tampering...

The audit portion of IPA has been put on hold while we focus on on the core identity and policy components.

A significant part of the audit component was collecting log information from all services on a host and aggregating them on a central server for analysis and archiving. The directory watching you saw on the aforementioned page is exactly for the purposes of watching log file manipulation.

There has been a *lot* of recent discussion on how to perform logging in the larger community as well as capturing auditable system events. As yet there hasn't been a consensus. Until such time as a consensus forms around the methods, tools, and libraries in this domain we won't proceed further with the A part of IPA. However, we are actively participating in these discussions.


--
John Dennis <jden...@redhat.com>

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to