Date: Sun, 23 Oct 2016 22:02:07 +0000 (UTC)
From: Benjamin Kaduk <bjk@FreeBSD.org>
To: doc-committers@freebsd.org, svn-doc-all@freebsd.org, svn-doc-head@freebsd.org
Subject: svn commit: r49551 - head/en_US.ISO8859-1/htdocs/news/status
Message-ID: <201610232202.u9NM27Lv087083@repo.freebsd.org>
Author: bjk Date: Sun Oct 23 22:02:07 2016 New Revision: 49551 URL: https://svnweb.freebsd.org/changeset/doc/49551 Log: Add audit log conversion entry from Mateusz Piotrow Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml Modified: head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml ============================================================================== --- head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml Sun Oct 23 21:12:52 2016 (r49550) +++ head/en_US.ISO8859-1/htdocs/news/status/report-2016-07-2016-09.xml Sun Oct 23 22:02:07 2016 (r49551) 
@@ -560,4 +560,63 @@ <task>Continue working on unstable releases.</task> </help> </project> + + <project cat='gsoc'> + <title>Non-BSM to BSM Conversion Tools</title> + + <contact> + <person> + <name> + <given>Mateusz</given> + <common>Piotrowski</common> + </name> + <email>0mp@FreeBSD.org</email> + </person> + </contact> + + <links> + <url href="https://wiki.FreeBSD.org/SummerOfCode2016/NonBSMtoBSMConversionTools">Wiki Page</url> + <url href="https://github.com/0mp/FreeBSD">GitHub Repository</url> + <url href="https://github.com/0mp/FreeBSD/pull/9">Pull Request With Consolidated Patch</url> + </links> + + <body> + <p>This project was started during Google Summer of Code this year. + The aim was to create a library which can convert the audit trail + files in Linux Audit format or the format used by Windows to the BSM + format (the format &os; uses for its audit logs). Apart from that, + I wanted to create a simple command-line tool and extend + <tt>auditdistd</tt> so that it is possible to send non-BSM logs to + <tt>auditdistd</tt> over a secure connection and save those audit + logs on disk, preferably in the BSM format.</p> + + <p>So far, it is possible to reasonably convert some of the most + common Linux audit log events to BSM, but it still needs a lot of + work. Secondly, I was able to configure <tt>auditdistd</tt> to + communicate with CentOS over an insecure connection. Thirdly, the + command-line tool is usable but not perfect.</p> + + <p>The present work focuses on configuring the secure TLS connection + between CentOS and <tt>auditdistd</tt>. I've already tried using + rsyslogd but wasn't able to make it work.</p> + </body> + + <sponsor> + Google Summer of Code + </sponsor> + + <help> + <task>I need more examples of rare Linux Audit logs; please send me + some examples if you have any. 
It is much easier to improve the + conversion process with real-life examples of the audit events you + try to convert.</task> + + <task>Configure <tt>auditdistd</tt> to be able to communicate with some + software on CentOS over TLS in order to receive audit logs. I + wasn't able to come up with a simple solution for that.</task> + + <task>Additional open tasks are listed on the Wiki page and in the + TODO file in the root directory of the project.</task> + </help> + </project> </report>
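
Review bot: In the first <p> of the new <body>, the stated aim covers both the Linux Audit format and "the format used by Windows", but the status paragraph and the <help> tasks report only on Linux Audit events, so a reader cannot tell whether Windows conversion was started or dropped; suggest adding a sentence on its state or a <task> for it. The second paragraph's "communicate with CentOS over an insecure connection" would also be clearer if it named the sending software on the CentOS side and said that this transport is a test setup until the TLS work in the third paragraph is done, since audit records sent in the clear can be read or altered in transit. Minor: cat='gsoc' uses single quotes while the href attributes in the same entry use double quotes.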