Linux Auditing System Events #18
markfarrell added a commit that referenced this issue May 29, 2020
markfarrell added a commit that referenced this issue May 29, 2020
markfarrell added a commit that referenced this issue May 29, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 30, 2020
markfarrell added a commit that referenced this issue May 31, 2020
markfarrell added a commit that referenced this issue May 31, 2020
markfarrell added a commit that referenced this issue May 31, 2020
markfarrell added a commit that referenced this issue May 31, 2020
markfarrell added a commit that referenced this issue May 31, 2020
markfarrell added a commit that referenced this issue Jun 1, 2020
markfarrell added a commit that referenced this issue Jun 1, 2020
Steps to Resolution
2102f7a
- Define a module, `Text.Parsing.Linux.Audit`, that exports a function `entry :: Parser String Foreign`, which parses raw Linux Auditing System log entries in JSON format.
- Implement a test module, `Test.Text.Parsing.Linux.Audit`, that exports a function `suite :: Aff Unit`, with an appropriate set of unit tests for the public exports of `Text.Parsing.Linux.Audit`.

Follow-Up Issues
- `Main.Text.Parsing.Linux.Audit`, that reads a sample of raw Linux Auditing System entries from a log file passed as a process argument. It should write parsed log entries in JSON format to a file passed as a process argument.
- `Main.Control.FS.Linux.Audit`, that acts as an event collector that continuously watches for changes to the input file passed as a process argument, applies SQLi risk mitigations to the properties of parsed log file entries in JSON format, and writes parsed/validated log entries in JSON format to a SQLite3 database (e.g. with a table for each type of log entry).
- `Main.Control.{HTTP,TCP}.Linux.Audit` that spawns an HTTP/HTTPS or TCP event collector that allows clients to forward raw Linux Auditing System entries, with a fresh authorization token for each new request (where authorization tokens are passed in the body of the response to previous requests for each new request), storing the entries in a SQLite3 database.
- `auditd` to forward log entries to a UNIX domain socket, and would like to test this as part of a follow-up issue, e.g. implementing an analogous event collector with an appropriate entry point.
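
The parsing step and the SQLi mitigation described in this issue, sketched in JavaScript rather than the project's PureScript so that it runs directly under Node. This is an added example, not code from the repository: `parseEntry`, `tableFor`, `insertStatement` and the `audit_<type>` table naming are assumptions, as is the record layout `type=TYPE msg=audit(seconds.millis:serial): key=value ...` that auditd writes to its log file.

```javascript
// Added example: all names here are hypothetical, not the project's API.
// Header of a raw record: type=<TYPE> msg=audit(<seconds>.<millis>:<serial>):
const HEADER = /^type=([A-Z][A-Z0-9_]*) msg=audit\((\d+)\.(\d{3}):(\d+)\): ?/;
// One field: key=value; the value is "double-quoted", 'single-quoted' or bare.
const FIELD = /([A-Za-z][A-Za-z0-9_-]*)=("[^"]*"|'[^']*'|[^\s"']*)/y;

// Parse one raw record into a plain object, or return null (fail closed).
function parseEntry(line) {
  const header = HEADER.exec(line);
  if (header === null) return null;
  const [prefix, type, seconds, millis, serial] = header;
  const fields = {};
  let pos = prefix.length;
  while (pos < line.length) {
    FIELD.lastIndex = pos;
    const m = FIELD.exec(line);
    if (m === null) return null; // unterminated quote or stray bytes
    fields[m[1]] = /^["']/.test(m[2]) ? m[2].slice(1, -1) : m[2];
    pos = FIELD.lastIndex;
    while (line[pos] === ' ') pos++;
  }
  const timestamp = Number(seconds) * 1000 + Number(millis); // epoch ms
  return { type, timestamp, serial: Number(serial), fields };
}

// A table name cannot be bound as a query parameter, so the record type is
// re-checked against a strict pattern before it becomes an identifier. This
// also covers entries that reached the collector as JSON rather than raw text.
function tableFor(entry) {
  if (typeof entry.type !== 'string' || !/^[A-Z][A-Z0-9_]{0,63}$/.test(entry.type)) {
    throw new Error('rejected record type');
  }
  return 'audit_' + entry.type.toLowerCase();
}

// Every value travels as a bound parameter; field values are never spliced into SQL.
function insertStatement(entry) {
  return {
    sql: `INSERT INTO ${tableFor(entry)} (timestamp, serial, fields) VALUES (?, ?, ?)`,
    params: [entry.timestamp, entry.serial, JSON.stringify(entry.fields)],
  };
}

// Constructed sample record (not taken from a real host).
const SAMPLE = 'type=SYSCALL msg=audit(1590710400.123:4242): arch=c000003e ' +
  'syscall=2 success=no exit=-13 comm="cat" exe="/bin/cat" key="sshd_config"';
console.log(JSON.stringify(insertStatement(parseEntry(SAMPLE)), null, 2));
```

Record types outside the strict pattern, such as the `UNKNOWN[n]` form, are rejected by this sketch rather than mapped to a table.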