Richard Guy Briggs
Richard Guy Briggs
It would be great to have comment statistics available for the github plugin as is done for bugzilla, both number of issues/pullRequests commented, but comments per issue/PR as well.
LOGIN records were not grouped with the rest of their event, records with the identical timestamp and serial number: ---- time->Tue Mar 19 12:23:15 2019 type=LOGIN msg=audit(1553012595.401:219): pid=647 uid=0 subj=system_u:system_r:local_login_t:s0-s0:c0.c1023...
Add userspace audit tool support for the features introduced by kernel audit container ID support. - filtering on container ID - ausearch support See: https://github.com/linux-audit/audit-kernel/issues/91 See: https://github.com/linux-audit/audit-kernel/wiki/RFE-Audit-Container-ID
Signed-off-by: Richard Guy Briggs
Looking through the userspace audit code when trying to debug a new feature, I came across a compiler directive that was used a number of times and I don't understand...
Add userspace audit tool support for the features introduced by kernel audit container ID support. - AUDIT_CONTAINER_OP records - AUDIT_CONTAINER_ID records See: linux-audit/audit-kernel#90 See: https://github.com/linux-audit/audit-kernel/wiki/RFE-Audit-Container-ID
In recent testing of events for [ghak90](https://github.com/linux-audit/audit-kernel/issues/90) and [ghak110](https://github.com/linux-audit/audit-kernel/issues/110) it has been noticed that ausearch isn't grouping all the records of one event together even though the date/time/serial stamps are...
Add support for namespace identifier record types. There will need to be new auxiliary record types for namespace identifiers for existence, add, delete and set/change events. Currently the set appears...
Add userspace audit tool support for audit daemon message routing based on kernel audit container ID. - setting/deleting/listing routing policy - See: https://github.com/linux-audit/audit-kernel/issues/75
RFE: Create mechanism for "systemctl stop auditd" to audit the identity of the user issuing the command. Currently, auditd is one of the few remaining users of the sysvinit package...