Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

NAS-133244 / 25.04 / Add auditd socket configuration #15263

Merged
merged 1 commit into from
Dec 24, 2024
Merged

NAS-133244 / 25.04 / Add auditd socket configuration #15263

merged 1 commit into from
Dec 24, 2024

Conversation

anodos325
Copy link
Contributor

@anodos325 anodos325 commented Dec 23, 2024
edited
Loading

Enable the af_unix plugin for auditd and configure syslog-ng and middleware to handle messages written
to a syslog-ng unix domain socket for auditd messages.

The application reading auditd messages from af_unix socket and rewriting for syslog-ng consumption is in separate PR.
Once that is merged, tests will be added to tests/unit.

@anodos325 anodos325 requested a review from a team December 23, 2024 16:02
@anodos325 anodos325 added the jira label Dec 23, 2024
@bugclerk bugclerk changed the title Add auditd socket configuration NAS-133244 / 25.04 / Add auditd socket configuration Dec 23, 2024
@bugclerk
Copy link
Contributor

Jira URL: https://ixsystems.atlassian.net/browse/NAS-133244

@anodos325 anodos325 force-pushed the auditd_socket_enable branch from f33f617 to c528d93 Compare December 24, 2024 15:32
@anodos325
Add auditd as an audit event source for middleware
d997756 
* Add auditd socket source to syslog-ng configuration.

This will be consumed by a script that reads the auditd socket and
consolidates / converts the audit events into single middleware
messages.
@anodos325 anodos325 force-pushed the auditd_socket_enable branch from 53c13df to d997756 Compare December 24, 2024 16:09
@anodos325 anodos325 merged commit 617f2b4 into master Dec 24, 2024
2 checks passed
@anodos325 anodos325 deleted the auditd_socket_enable branch December 24, 2024 16:10
@bugclerk
Copy link
Contributor

This PR has been merged and conversations have been locked.
If you would like to discuss more about this issue please use our forums or raise a Jira ticket.

@truenas truenas locked as resolved and limited conversation to collaborators Dec 24, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@themylogin themylogin themylogin approved these changes

Assignees
No one assigned
Labels
jira no-time-tracked
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@anodos325 @bugclerk @themylogin