Studying kerberos interaction patterns through krb5kdc log file (and client log) analysis

[Todd Grayson]

Howdy,

Has anyone seen or worked on pulling together tools for analyzing kerberos
krb5kdc.log files in a way that allows for the analysis (graphing even) of
service and user AS and TGS interactions over a window of time.

I found the historical MIT mail list discussion "krb5kdc log analysis
tool/script" but the package discussed would need to be re-written from
what I'm seeing for what I'm thinking of.

For the hadoop community its a point of understanding the concert of
interaction over time for a cluster.  Inspection of the various workload
patterns that emerge for the symphony of components in the suite.  The
platform is a web of kerberos authentication that extends to users
submitting jobs and interacting with the services over CLI and HTTP.

Before re-inventing something thats already sitting around the next corner
of the internet, I thought I might check here as well....

Thanks in advance.



-- 
Todd Grayson
Business Operations Manager
Customer Operations Engineering
Security SME