xref: /freebsd/contrib/openbsm/README (revision 4c8945a06b01a5c8122cdeb402af36bb46a06acc)
1OpenBSM 1.1p2
2
3  Introduction
4
5OpenBSM is an open source implementation of Sun's BSM event auditing file
6format and API.  Originally created for Apple Computer by McAfee Research,
7OpenBSM is now maintained by volunteers and through the generous contribution
8of several organizations.
9
10OpenBSM includes several command line tools, including auditreduce(8) and
11praudit(8) for reducing and printing audit trails, as well as the libbsm(3)
12library to manage configuration files, generate audit records, and parse and
13print audit trils.
14
15Coupled with a kernel audit implementation, OpenBSM can be used to maintain
16system audit streams, and is a foundation for a full audit-enabled system.
17Portions of OpenBSM, including include files and token-building routines, are
18reusable in a kernel audit implementation, and may be found in the FreeBSD
19and Mac OS X kernels.
20
21  Contents
22
23OpenBSM consists of several directories:
24
25    bin/           Audit-related command line tools
26    bsm/           Library include files for BSM
27    compat/        Compatibility code to build on various operating systems
28    etc/           Sample /etc/security configuration files
29    libauditd      Common audit management functions for auditd and launchd
30    libbsm/        Implementation of BSM library interfaces and man pages
31    man/           System call and configuration file man pages
32    modules/       Directory for auditfilterd module source
33    sys/           System include files for BSM
34    test/          Test token sets and geneneration program
35    tools/         Tool directory, including audump to dump databases
36
37The following programs are included with OpenBSM:
38
39    audit          Command line audit control tool
40    auditd         Audit management daemon
41    auditfilterd   Experimental event monitoring framework
42    auditreduce    Audit trail reduction tool
43    audump         Debugging tool to parse and print audit databases
44    praudit        Tool to print audit trails
45
46  Build and Installation
47
48Please see the file INSTALL for build and installation instructions.
49
50  Contributions
51
52The TrustedBSD Project would appreciate the contribution of bug fixes,
53enhancements, etc, under identically or substantially similar licenses to
54those present on the remainder of the OpenBSM source code.  Please see the
55file CREDITS to learn more about who has contributed to the project.
56
57  Location
58
59Information on OpenBSM may be found on the OpenBSM home page:
60
61    http://www.OpenBSM.org/
62
63Information on TrustedBSD may be found on the TrustedBSD home page:
64
65    http://www.TrustedBSD.org/
66
67$P4: //depot/projects/trustedbsd/openbsm/README#37 $
68