OpenBSM: does somebody work on it?

Lev Serebryakov lev at FreeBSD.org
Wed Jun 29 10:59:21 UTC 2011


Hello, Freebsd-security.

  I'm trying to use audit, and have some problems. First one is
impossibility to create custom event class, and second one I hit is
with auditreduce(1).

  auditreduce doesn't filter events by date (-b/-a/-d options with any
arguments produce empty output), it doesn't merge files properly and
doesn't pick up files automagically, as Solaris' one does. It doesn't
have -C/-M/-O functionality of Solaris' one, too. So, proper merging
of audit trail files seems to be impossible :(

  I could try to fix & extend auditreduce(1), but does somebody but me
need it?

  Does somebody use audit on FreeBSD on production systems?

-- 
// Black Lion AKA Lev Serebryakov <lev at FreeBSD.org>


