Week 1 / Non-BSM to BSM Conversion Tools

Mateusz Piotrowski mpp302 at gmail.com
Mon May 30 12:36:18 UTC 2016


Hello,

During the first week of GSoC I’ve managed to set up FreeBSD and Debian in VirtualBox. Both of these guest virtual machines are generating audit logs, which I analyse to learn the structure of the audit log formats. I started to map the fields of the Linux Audit format to the BSM format.

Wiki: https://wiki.freebsd.org/SummerOfCode2016/NonBSMtoBSMConversionTools

Repository: https://github.com/0mp/gsoc16 (The repository hasn’t got any code in it at the moment; rather a bunch of useful links which helped me to proceed with my project.)

I’ve also created a little notebook where I keep all my little hacks to get FreeBSD to work: https://github.com/0mp/n0tes/blob/master/freebsd.md

I hope I’ll be able to produce more value this week as I’ve got less intense assignments to hand in for the time being.

	
Cheers!

Mateusz Piotrowski

PS If you know how to create audit logs for only one specific file on FreeBSD then please drop me a line! I’ve already asked this question on serverfault (http://serverfault.com/questions/778510/how-to-record-audit-logs-for-only-one-specified-file-in-freebsd) and I’m about to send an email to the trustedbsd-discuss at freebsd.org mailing list.

