Hi John,

On Mon, Feb 13, 2012 at 5:23 PM, John Dennis <jden...@redhat.com> wrote:

> On 02/13/2012 09:14 AM, Marco Pizzoli wrote:
>
>> Hi guys,
>> I'm interested to know what is the expected feature that I have to
>> expect from the Audit part of IPA.
>>
>> I had a look at this: 
>> http://www.freeipa.org/page/**Audit_Design_Overview<http://www.freeipa.org/page/Audit_Design_Overview>
>> I see that are mentioned watchers on directories for alerting on file
>> alterations.
>> What is the final high-level purpose? I suppose not only anti tampering...
>>
>
> The audit portion of IPA has been put on hold while we focus on on the
> core identity and policy components.
>

Yes, I'm aware of this.


> A significant part of the audit component was collecting log information
> from all services on a host and aggregating them on a central server for
> analysis and archiving. The directory watching you saw on the
> aforementioned page is exactly for the purposes of watching log file
> manipulation.
>

Good.


> There has been a *lot* of recent discussion on how to perform logging in
> the larger community as well as capturing auditable system events. As yet
> there hasn't been a consensus. Until such time as a consensus forms around
> the methods, tools, and libraries in this domain we won't proceed further
> with the A part of IPA. However, we are actively participating in these
> discussions.
>

I'm very interest in this topic. Please, could you tell me where I can read
these discussions?

Thanks!
     Marco
_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to