8db4ca2429
addresses several minor issues: - Fix audit_event definitions of AUE_OPENAT_RWT and AUE_OPENAT_RWTC. - Fix build on Linux. - Fix printing of class masks in the audump tool. MFC after: 3 weeks Obtained from: TrustedBSD Project Approved by: re (kib)
68 lines
2.6 KiB
Plaintext
68 lines
2.6 KiB
Plaintext
OpenBSM 1.1p2
|
|
|
|
Introduction
|
|
|
|
OpenBSM is an open source implementation of Sun's BSM event auditing file
|
|
format and API. Originally created for Apple Computer by McAfee Research,
|
|
OpenBSM is now maintained by volunteers and through the generous contribution
|
|
of several organizations.
|
|
|
|
OpenBSM includes several command line tools, including auditreduce(8) and
|
|
praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
|
|
library to manage configuration files, generate audit records, and parse and
|
|
print audit trils.
|
|
|
|
Coupled with a kernel audit implementation, OpenBSM can be used to maintain
|
|
system audit streams, and is a foundation for a full audit-enabled system.
|
|
Portions of OpenBSM, including include files and token-building routines, are
|
|
reusable in a kernel audit implementation, and may be found in the FreeBSD
|
|
and Mac OS X kernels.
|
|
|
|
Contents
|
|
|
|
OpenBSM consists of several directories:
|
|
|
|
bin/ Audit-related command line tools
|
|
bsm/ Library include files for BSM
|
|
compat/ Compatibility code to build on various operating systems
|
|
etc/ Sample /etc/security configuration files
|
|
libauditd Common audit management functions for auditd and launchd
|
|
libbsm/ Implementation of BSM library interfaces and man pages
|
|
man/ System call and configuration file man pages
|
|
modules/ Directory for auditfilterd module source
|
|
sys/ System include files for BSM
|
|
test/ Test token sets and geneneration program
|
|
tools/ Tool directory, including audump to dump databases
|
|
|
|
The following programs are included with OpenBSM:
|
|
|
|
audit Command line audit control tool
|
|
auditd Audit management daemon
|
|
auditfilterd Experimental event monitoring framework
|
|
auditreduce Audit trail reduction tool
|
|
audump Debugging tool to parse and print audit databases
|
|
praudit Tool to print audit trails
|
|
|
|
Build and Installation
|
|
|
|
Please see the file INSTALL for build and installation instructions.
|
|
|
|
Contributions
|
|
|
|
The TrustedBSD Project would appreciate the contribution of bug fixes,
|
|
enhancements, etc, under identically or substantially similar licenses to
|
|
those present on the remainder of the OpenBSM source code. Please see the
|
|
file CREDITS to learn more about who has contributed to the project.
|
|
|
|
Location
|
|
|
|
Information on OpenBSM may be found on the OpenBSM home page:
|
|
|
|
http://www.OpenBSM.org/
|
|
|
|
Information on TrustedBSD may be found on the TrustedBSD home page:
|
|
|
|
http://www.TrustedBSD.org/
|
|
|
|
$P4: //depot/projects/trustedbsd/openbsm/README#37 $
|