From mboxrd@z Thu Jan 1 00:00:00 1970
From: Steve Grubb
Subject: Re: Tools for reviewing audit logs ?
Date: Tue, 12 Dec 2006 17:29:03 -0500
Message-ID: <200612121729.04049.sgrubb@redhat.com>
Sender: linux-audit-bounces@redhat.com
To: "Wieprecht, Karen M."
Cc: linux-audit@redhat.com, "Thomas, Daniel J."
List-Id: linux-audit@redhat.com

On Tuesday 12 December 2006 17:08, Wieprecht, Karen M. wrote:
> Steve, I'm testing the RHEL4 audit 1.0.14 now with the sample capp.rules,
> and I am generating data. UGLY data. I am wondering what
> tools/GUIs/scripts people are using to look at this data.

Someone published a perl based viewer to this mail list earlier this year. I
forget when. The aureport program was supposed to fill the immediate role of
breaking the data down into something a little more useful. My intentions are
to use that as the basis of a GUI based tool. The work is going slow and I'm
at the point of writing the parser library.

> but I don't want to reproduce effort if there are nice scripts or GUIs
> available already.

Aside from that perl based viewer and aureport, nothing I know of. It would be
helpful to me to know what your use cases/requirements are.

Thanks,
-Steve