forked from linux-audit/audit-userspace
-
Notifications
You must be signed in to change notification settings - Fork 0
/
TODO
21 lines (19 loc) · 905 Bytes
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
Future roadmap (subject to change):
===================================
3.0.2
* If searching user/group doesn't map to uid/gid, do translated string search
* audisp-remote, add config to say what home network is so laptops don't try if their not on a network that can reach the server.
* Basic HIDS based on reactive audit component
3.1
* Multi-thread audisp-remote
* Support TLS PSK as remote logging transport
* Support multiple time streams when searching
* In audispd, look into non-blocking handling of write to plugins
* Add keywords for time: month-ago, this-hour, last-hour
* Container support
3.1.1
* Add rule verify to detect mismatch between in-kernel and on-disk rules
* Fix audit.pc.in to use Requires.private
* Change ausearch to output name="" unless its a real null. (mount) ausearch-report.c, 523. FIXME
* Fix SIGHUP for auditd network settings
* Add ability to filter events in auditd