From mboxrd@z Thu Jan 1 00:00:00 1970 From: LC Bruzenak Subject: Re: log files Date: Fri, 17 Jun 2011 14:56:24 -0500 Message-ID: <1308340584.7213.50.camel@lcb> References: <6815A555A0B82148AEFE4966093BBBF5366DD7A644@USFWA1EXMBX3.itt.net> ,<1308335220.7213.6.camel@lcb> <6815A555A0B82148AEFE4966093BBBF5366DD7A645@USFWA1EXMBX3.itt.net> <1308337014.7213.10.camel@lcb> <4DFBA7C2.8070000@itt.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Return-path: Received: from mx1.redhat.com (ext-mx14.extmail.prod.ext.phx2.redhat.com [10.5.110.19]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id p5HJuXE9016714 for ; Fri, 17 Jun 2011 15:56:33 -0400 Received: from webserver.magitekltd.com (rrcs-24-242-137-197.sw.biz.rr.com [24.242.137.197]) by mx1.redhat.com (8.14.4/8.14.4) with ESMTP id p5HJuVU0008364 for ; Fri, 17 Jun 2011 15:56:31 -0400 In-Reply-To: <4DFBA7C2.8070000@itt.com> List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: linux-audit-bounces@redhat.com Errors-To: linux-audit-bounces@redhat.com To: "Pittigher, Raymond - ES" Cc: "linux-audit@redhat.com" List-Id: linux-audit@redhat.com On Fri, 2011-06-17 at 15:15 -0400, Pittigher, Raymond - ES wrote: > > The plan would be to rotate the log at midnight Saturday, use the > aureport to read the file and give it some kind of format, dump the data > into a mysql database, then parse it with php on a apache server with a > firefox front end. Or something like that. OK; that was my thinking as well. Only I roll mine up each day already and move them out of the way. I think you would likely use a custom program which used the parse libs to extract the searchable elements from each event. What I was wondering is if on the front end (cgi+browser-side) you had something in mind which existed already - or if you would code it up from scratch with the php-mysql piece? Thx, LCB -- LC (Lenny) Bruzenak lenny@magitekltd.com