Auditing Feature in Kerberos
hartmans at MIT.EDU
Tue Jan 24 15:56:47 EST 2006
>>>>> "Jeffrey" == Jeffrey Altman <jaltman at MIT.EDU> writes:
Jeffrey> Sam Hartman wrote:
>> I think that the big missing part of the current logging system
>> that makes it hard to use for auditing is that it does not link
>> service tickets that are issued by the TGS to the TGT used to
>> issue them.
>> The other problem is that the format of the data cannot easily
>> be parsed or stored in a database.
Jeffrey> Are you therefore looking to alter the existing log
Jeffrey> format or to add a new interface that would allow for
Jeffrey> direct to database writes of log data?
All of the following seem plausable:
1) a plugin interface for auditing
2) An additional XML log format (assuming limited additional
dependencies; perhaps hand-generated xml)
3) altered log format.
More information about the krbdev