Confirmed users
502
edits
Security/Mentorships/MWoS/2014/Linux Audit heka plugin (Go): Difference between revisions
Security/Mentorships/MWoS/2014/Linux Audit heka plugin (Go) (view source)
Revision as of 17:01, 30 July 2014
, 30 July 2014→Project
Gdestuynder (talk | contribs) (Created page with "== Team == === Introduction === === Members === * * * * * Professor: * Mozilla Advisor: [https://mozillians.org/en-US/u/kang/ Guillaume Destuynder] == Project == Heka is a ...") |
Gdestuynder (talk | contribs) |
||
| Line 10: | Line 10: | ||
== Project == | == Project == | ||
Heka is a Mozilla project for logs routing, analysis, etc. (see http://hekad.readthedocs.org/en/latest/). Linux Audit logs are collecting various system calls and events in order to send them to a C user space program (auditd) over the netlink protocol. A Mozilla C plugin (https://github.com/gdestuynder/audisp-cef) currently correlate, transforms, and send these events back to our logging architecture. | Heka is a Mozilla project for logs routing, analysis, etc. (see http://hekad.readthedocs.org/en/latest/). Linux Audit logs are collecting various system calls and events in order to send them to a C user space program (auditd) over the netlink protocol. A Mozilla C plugin (https://github.com/gdestuynder/audisp-cef and https://github.com/gdestuynder/audisp-json) currently correlate, transforms, and send these events back to our logging architecture. | ||
=== Description === | === Description === | ||