1OpenBSM 1.1p2 2 3 Introduction 4 5OpenBSM is an open source implementation of Sun's BSM event auditing file 6format and API. Originally created for Apple Computer by McAfee Research, 7OpenBSM is now maintained by volunteers and through the generous contribution 8of several organizations. 9 10OpenBSM includes several command line tools, including auditreduce(8) and 11praudit(8) for reducing and printing audit trails, as well as the libbsm(3) 12library to manage configuration files, generate audit records, and parse and 13print audit trils. 14 15Coupled with a kernel audit implementation, OpenBSM can be used to maintain 16system audit streams, and is a foundation for a full audit-enabled system. 17Portions of OpenBSM, including include files and token-building routines, are 18reusable in a kernel audit implementation, and may be found in the FreeBSD 19and Mac OS X kernels. 20 21 Contents 22 23OpenBSM consists of several directories: 24 25 bin/ Audit-related command line tools 26 bsm/ Library include files for BSM 27 compat/ Compatibility code to build on various operating systems 28 etc/ Sample /etc/security configuration files 29 libauditd Common audit management functions for auditd and launchd 30 libbsm/ Implementation of BSM library interfaces and man pages 31 man/ System call and configuration file man pages 32 modules/ Directory for auditfilterd module source 33 sys/ System include files for BSM 34 test/ Test token sets and geneneration program 35 tools/ Tool directory, including audump to dump databases 36 37The following programs are included with OpenBSM: 38 39 audit Command line audit control tool 40 auditd Audit management daemon 41 auditfilterd Experimental event monitoring framework 42 auditreduce Audit trail reduction tool 43 audump Debugging tool to parse and print audit databases 44 praudit Tool to print audit trails 45 46 Build and Installation 47 48Please see the file INSTALL for build and installation instructions. 49 50 Contributions 51 52The TrustedBSD Project would appreciate the contribution of bug fixes, 53enhancements, etc, under identically or substantially similar licenses to 54those present on the remainder of the OpenBSM source code. Please see the 55file CREDITS to learn more about who has contributed to the project. 56 57 Location 58 59Information on OpenBSM may be found on the OpenBSM home page: 60 61 http://www.OpenBSM.org/ 62 63Information on TrustedBSD may be found on the TrustedBSD home page: 64 65 http://www.TrustedBSD.org/ 66 67$P4: //depot/projects/trustedbsd/openbsm/README#37 $ 68