1OpenBSM 2 3 Introduction 4 5OpenBSM is an open source implementation of Sun's BSM event auditing file 6format and API. Originally created for Apple Computer by McAfee Research, 7OpenBSM is now maintained by volunteers and through the generous contribution 8of several organizations. 9 10OpenBSM includes several command line tools, including auditreduce(8) and 11praudit(8) for reducing and printing audit trails, as well as the libbsm(3) 12library to manage configuration files, generate audit records, and parse and 13print audit trails. 14 15Coupled with a kernel audit implementation, OpenBSM can be used to maintain 16system audit streams, and is a foundation for a full audit-enabled system. 17Portions of OpenBSM, including include files and token-building routines, are 18reusable in a kernel audit implementation, and may be found in the FreeBSD 19and Mac OS X kernels. 20 21 Contents 22 23OpenBSM consists of several directories: 24 25 bin/ Audit-related command line tools 26 bsm/ Library include files for BSM 27 compat/ Compatibility code to build on various operating systems 28 etc/ Sample /etc/security configuration files 29 libauditd Common audit management functions for auditd and launchd 30 libbsm/ Implementation of BSM library interfaces and man pages 31 man/ System call and configuration file man pages 32 modules/ Directory for auditfilterd module source 33 sys/ System include files for BSM 34 test/ Test token sets and geneneration program 35 tools/ Tool directory, including audump to dump databases 36 37The following programs are included with OpenBSM: 38 39 audit Command line audit control tool 40 auditd Audit management daemon 41 auditdistd Audit trail distribution daemon 42 auditfilterd Experimental event monitoring framework 43 auditreduce Audit trail reduction tool 44 audump Debugging tool to parse and print audit databases 45 praudit Tool to print audit trails 46 47 Build and Installation 48 49Please see the file INSTALL for build and installation instructions. 50 51 Contributions 52 53The TrustedBSD Project would appreciate the contribution of bug fixes, 54enhancements, etc, under identically or substantially similar licenses to 55those present on the remainder of the OpenBSM source code. Please see the 56file CREDITS to learn more about who has contributed to the project. 57 58 Location 59 60Information on OpenBSM may be found on the OpenBSM home page: 61 62 http://www.OpenBSM.org/ 63 64Information on TrustedBSD may be found on the TrustedBSD home page: 65 66 http://www.TrustedBSD.org/ 67