From: "John Calcote" <jcalcote@novell.com>
To: linux-audit@redhat.com
Subject: audit record content
Date: Wed, 08 Nov 2006 16:54:12 -0700
Message-ID: <45520BB4.37FF.0081.0@novell.com>
As far as I can tell, this forum has focused mainly on transport, performance, security and integrity issues. Indeed, these are all critical issues relative to audit, but is not audit record content just as important? If we spend all of our time managing the low-level transport issues, what does it avail us if only garbage is audited?
I've been working at the content level in an effort to standardize the record format. I've begun with the Open Group's XDAS standard as a baseline. The project is on sourceforge and it's called OpenXDAS. Back-end loggers are pluggable, and LAF is already supported on providing platforms.
Will some of you folks kindly take a few minutes of your time to look at the project and tell me what you think? I really want to make some traction here, and I think your good opinions are worth a lot. I'm open to suggestion, and would love to get some feedback.
http://openxdas.sourceforge.net
http://www.sourceforge.net/projects/openxdas
Thanks,
John
-----
John Calcote (jcalcote@novell.com)
Sr. Software Engineer
Novell, Inc.