From: LC Bruzenak [lenny(a)magitekltd.com] Sent: Friday, June 17, 2011 3:56 PM To: Pittigher, Raymond - ES Cc: linux-audit(a)redhat.com Subject: Re: log files On Fri, 2011-06-17 at 15:15 -0400, Pittigher, Raymond - ES wrote: OK; that was my thinking as well. Only I roll mine up each day already and move them out of the way. I think you would likely use a custom program which used the parse libs to extract the searchable elements from each event. What I was wondering is if on the front end (cgi+browser-side) you had something in mind which existed already - or if you would code it up from scratch with the php-mysql piece? Thx, LCB -- LC (Lenny) Bruzenak lenny(a)magitekltd.com All I know is the PHP/MySQL stuff so that would be the plan. I only asked on the list to see if someone already started it or if something is out in the wild. The module for Spacewalk (and probably satellite) is nice and would probably use Joshua Roys's auc program to clean up the data. I have Prewikka installed on a spare RHEL5 server to test with but it seems that it needs to have something written to handle reading the audit log data. I only started to look at it and was mostly interested in Spacewalk because it is a RedHat program and would fit nicely in our RedHat shop. Using the LAMP stack would also make it easy to connect from anywhere with anything. This e-mail and any files transmitted with it may be proprietary and are intended solely for the use of the individual or entity to whom they are addressed. If you have received this e-mail in error please notify the sender. Please note that any views or opinions presented in this e-mail are solely those of the author and do not necessarily represent those of ITT Corporation. The recipient should check this e-mail and any attachments for the presence of viruses. ITT accepts no liability for any damage caused by any virus transmitted by this e-mail.