As far as I can tell, this forum has focused mainly on transport, performance, security and integrity issues. Indeed, these are all critical issues relative to audit, but is not audit record content just as important? If we spend all of our time managing the low-level transport issues, what does it avail us if only garbage is audited?
I've been working at the content level in an effort to standardize the record format. I've begun with the Open Group's XDAS standard as a baseline. The project is on sourceforge and it's called OpenXDAS. Back-end loggers are pluggable, and LAF is already supported on providing platforms. Will some of you folks kindly take a few minutes of your time to look at the project and tell me what you think? I really want to make some traction here, and I think your good opinions are worth a lot. I'm open to suggestion, and would love to get some feedback. http://openxdas.sourceforge.net http://www.sourceforge.net/projects/openxdas Thanks, John ----- John Calcote ([EMAIL PROTECTED]) Sr. Software Engineeer Novell, Inc.
BEGIN:VCARD VERSION:2.1 X-GWTYPE:USER FN:John Calcote TEL;WORK:1-801-861-7517 ORG:;Unified Identity System Eng TE TEL;PREF;FAX:801/861-2292 EMAIL;WORK;PREF;NGW:[EMAIL PROTECTED] N:Calcote;John;;Sr. Software Engineer TITLE:Sr. Software Engineer ADR;DOM;WORK;PARCEL;POSTAL:;PRV-H-511;;Provo LABEL;DOM;WORK;PARCEL;POSTAL;ENCODING=QUOTED-PRINTABLE:John Calcote=0A= PRV-H-511=0A= Provo END:VCARD
-- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
