Scribery / aushape
A library and a tool for converting audit logs to XML and JSON
https://scribery.github.io/aushape/
GNU Lesser General Public License v2.1
43 stars, 11 forks
issues
undeclared symbols on make
#71
hueyvle
opened
4 years ago
0
aushape: error while loading shared libraries: libaushape.so.0: cannot open shared object file: No such file or directory
#70
gatimeher
opened
5 years ago
1
Error normalizing NETFILTER_CFG
#69
spbnick
opened
6 years ago
4
Implement integration tests
#68
spbnick
opened
6 years ago
0
Support building without audit normalization API
#67
spbnick
opened
6 years ago
0
Docker VIRT_CONTROL vm field garbage
#66
spbnick
opened
7 years ago
0
Remote audit logs
#65
Keysuke
closed
7 years ago
25
Fix path for /usr/bin/aushape-audispd-plugin
#64
git001
closed
7 years ago
1
Some execve events are considered invalid
#63
spbnick
closed
7 years ago
0
Handle repeated NETFILTER_CFG records
#62
spbnick
closed
7 years ago
0
Implement support for output format, which can easily be forwarded to ElasticSearch
#61
spbnick
opened
7 years ago
1
Mention --enable-debug configure option in README.md
#60
spbnick
opened
7 years ago
0
Add dev tools
#59
git001
closed
7 years ago
1
Implement Elasticsearch mapping generation
#58
spbnick
opened
7 years ago
0
Make parsed data output optional
#57
spbnick
opened
7 years ago
0
Implement outputting normalized audit event data
#56
spbnick
opened
7 years ago
0
Rename `host` field to `node` to match audit logs better
#55
spbnick
closed
7 years ago
1
Have aushape support audit-lib-2.4.5 - ie RHEL6 releases
#54
burnalting
closed
7 years ago
2
Add instructions on Elasticsearch forwarding to README.md
#53
spbnick
closed
7 years ago
0
Install schemas and Elasticsearch mapping
#52
spbnick
opened
7 years ago
0
Consider having field value sub-fields
#51
spbnick
opened
7 years ago
2
Ignore or warn about event not being trimmed to the required maximum
#50
spbnick
opened
7 years ago
0
Scan the code for TODO and FIXME
#49
spbnick
opened
7 years ago
0
Implement build integration test
#48
spbnick
opened
7 years ago
0
Refactor event formatting and trimming
#47
spbnick
opened
7 years ago
0
Ignore EOE events
#46
spbnick
closed
7 years ago
0
Move raw record output to the event level
#45
spbnick
closed
7 years ago
0
Consider standardizing on structure object creation arguments instead of va_list ones
#44
spbnick
opened
7 years ago
0
Consider moving common record prologue/epilogue formatting to record.c
#43
spbnick
opened
7 years ago
0
Implement communicating path item number from SYSCALL record to PATH record collector
#42
spbnick
opened
7 years ago
0
Reconsider what part of the collector stack should be checking for record type uniqueness
#41
spbnick
closed
7 years ago
1
Decide on and implement consistent argument verification convention
#40
spbnick
opened
8 years ago
1
Consider not passing "first" argument everywhere
#39
spbnick
closed
7 years ago
2
Output raw representation as array of lines
#38
spbnick
closed
7 years ago
0
Note when a function expects a valid argument and fails assertion otherwise
#37
spbnick
opened
8 years ago
0
Note destruction functions accept NULL or valid
#36
spbnick
opened
8 years ago
0
Note validation functions accept NULL
#35
spbnick
opened
8 years ago
0
Implement reporting conversion errors in-band
#34
spbnick
closed
7 years ago
0
Implement Elasticsearch mapping
#33
spbnick
opened
8 years ago
0
Handle repeated record types
#32
spbnick
closed
7 years ago
3
Filter out "node" field from records
#31
spbnick
closed
8 years ago
0
Consider having separate executables for streaming and converting
#30
spbnick
opened
8 years ago
0
Limit event size
#29
spbnick
closed
7 years ago
0
Live logging to ElasticSearch
#28
spbnick
closed
8 years ago
1
Find an output which can handle large documents
#27
spbnick
opened
8 years ago
0
Consider having separate folding level for documents
#26
spbnick
opened
8 years ago
0
Refactor-out common prologue and epilogue output in conv.c
#25
spbnick
opened
8 years ago
0
Consider improving formatting code structure
#24
spbnick
closed
7 years ago
1
Differentiate between continuous and discrete outputs
#23
spbnick
closed
8 years ago
0
Differentiate between recoverable and unrecoverable errors
#22
spbnick
opened
8 years ago
1