On Mon, Feb 13, 2012 at 6:27 PM, Dmitri Pal <d...@redhat.com> wrote: > ** > On 02/13/2012 11:28 AM, Marco Pizzoli wrote: > > Hi John, > > On Mon, Feb 13, 2012 at 5:23 PM, John Dennis <jden...@redhat.com> wrote: > >> On 02/13/2012 09:14 AM, Marco Pizzoli wrote: >> >>> Hi guys, >>> I'm interested to know what is the expected feature that I have to >>> expect from the Audit part of IPA. >>> >>> I had a look at this: http://www.freeipa.org/page/Audit_Design_Overview >>> I see that are mentioned watchers on directories for alerting on file >>> alterations. >>> What is the final high-level purpose? I suppose not only anti >>> tampering... >>> >> >> The audit portion of IPA has been put on hold while we focus on on the >> core identity and policy components. >> > > Yes, I'm aware of this. > > >> A significant part of the audit component was collecting log information >> from all services on a host and aggregating them on a central server for >> analysis and archiving. The directory watching you saw on the >> aforementioned page is exactly for the purposes of watching log file >> manipulation. >> > > Good. > > >> There has been a *lot* of recent discussion on how to perform logging in >> the larger community as well as capturing auditable system events. As yet >> there hasn't been a consensus. Until such time as a consensus forms around >> the methods, tools, and libraries in this domain we won't proceed further >> with the A part of IPA. However, we are actively participating in these >> discussions. >> > > I'm very interest in this topic. Please, could you tell me where I can > read these discussions? > > > Some of them are internal to Red Hat just because we want to understand > the use cases before we wrap our head around the audit on OS level and > reach out to different communities looking for ideas. >
Ok, I understand. > There will be some discussions on the developer conference in Brno later > this week. > I will keep you updated as soon as I have something to share. > Thank you very much indeed.
_______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users