1
1
Things that need to be done:
2
2
===========================
4
* Put message types into ternary or avl tree for ausearch/aureport use
5
* Add remote logging plugin, gssapi, labeled networking, nss.
6
* fix auparse to handle out of order messages
4
7
* Fix retry logic in distribute event, buffer is freed by the logger thread
5
* Update nispom & lspp & capp rules for b32/64 and recursive directories
6
* fix auparse to handle out of order messages
7
* Add remote logging plugin, gssapi, labeled networking, nss.
8
* Get a basic ids plugin up and running. (login # failures, login on watched acct, access of watched file).
9
* Put message types into ternary or avl tree for ausearch/aureport use
10
* Create basic response plugin
11
8
* Consider adding node/machine name to records going to rt interface in daemon as protocol version 2.
12
9
* Sessions for logins - all events in same session ausearch
10
* Get a basic ids plugin up and running. (login on watched acct).
11
* Create basic response plugin
15
* Add sigusr2 to restart suspended logging
16
14
* Add keywords for time: month-ago
17
15
* Fix multilib problems for sc-audit
18
16
* Allow -F path!=/var/my/app