Manual Reference Pages  -  BSMTRACE (1)

NAME

bsmtrace - host-based IDS based on OpenBSM

CONTENTS

Synopsis
Description
Options
Diagnostics
Files
See Also
Authors

SYNOPSIS

bsmtrace [-bdFhv] [-a trail] [-f config_file] [-p pid_file]

DESCRIPTION

BSMtrace is a utility that processes audit trails or real-time audit feeds provided by audit pipes. It loads a set of finite state machines, or sequences, from the supplied configuration file and watches the audit streams for instances of these sequences. See the example bsmtrace.conf file for more information.

It operates by reading a configuration file that lists sequences which should result in actions. The default configuration file is /etc/bsmtrace.conf. BSM records are taken from /dev/auditpipe and run through a finite state machine which attempts to match a stream of records to defined sequences.
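
The sequence matching described above, as an added example that is not bsmtrace's own code and does not use its configuration syntax. The record tuples, the `Sequence` class and the per-subject timeout are assumptions made to model the idea; only the event names come from OpenBSM.

```python
from dataclasses import dataclass, field

# Constructed, simplified records: (timestamp, audit user ID, event, outcome).
# Real BSM records are binary token streams; these tuples only model the idea.
SAMPLE_RECORDS = [
    (100, 1001, "AUE_ACCEPT", "success"),
    (101, 1002, "AUE_EXECVE", "success"),
    (103, 1001, "AUE_EXECVE", "success"),
    (104, 1001, "AUE_SETUID", "failure"),
    (105, 1001, "AUE_SETUID", "success"),
    (200, 1002, "AUE_ACCEPT", "success"),
    (900, 1002, "AUE_EXECVE", "success"),   # arrives after the timeout
    (901, 1002, "AUE_SETUID", "success"),
]

@dataclass
class Sequence:
    """Ordered (event, outcome) states that must all occur within `timeout` seconds."""
    name: str
    states: list
    timeout: int
    progress: dict = field(default_factory=dict)  # auid -> (next state, start time)

    def feed(self, ts, auid, event, outcome):
        """Advance this subject's state machine; True when the final state matches."""
        idx, started = self.progress.get(auid, (0, ts))
        if idx and ts - started > self.timeout:
            self.progress.pop(auid, None)   # partial match expired: start over
            idx, started = 0, ts
        if (event, outcome) != self.states[idx]:
            return False                    # unrelated record: keep current state
        if idx + 1 == len(self.states):
            self.progress.pop(auid, None)   # full match: reset for this subject
            return True
        self.progress[auid] = (idx + 1, started)
        return False

def scan(records, sequence):
    """Return (timestamp, auid, sequence name) for every completed sequence."""
    return [(ts, auid, sequence.name)
            for ts, auid, event, outcome in records
            if sequence.feed(ts, auid, event, outcome)]

def demo():
    seq = Sequence("accept-exec-setuid",
                   [("AUE_ACCEPT", "success"), ("AUE_EXECVE", "success"),
                    ("AUE_SETUID", "success")], timeout=60)
    return scan(SAMPLE_RECORDS, seq)
```

State is tracked per audit user ID, so interleaved records from other subjects do not advance or disturb a partial match.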

OPTIONS

-a trail          Audit trail to be examined.
-b                Dump the last BSM record which results in a sequence match to stdout.
-d                Print debugging messages.
-f config_file    Location of config file.
-F                Run program in foreground.
-h                Print this help message.
-p pid_file       Location of pid file.
-v                Print version and exit.

DIAGNOSTICS


The bsmtrace utility exits 0 on success, and >0 if an error occurs.

FILES

/dev/auditpipe           Default source for BSM records.
/etc/bsmtrace.conf       Default configuration file.
/var/run/bsmtrace.pid    Default pid file.

SEE ALSO

auditd(8), bsmtrace.conf(5), libbsm(3), praudit(1)

AUTHORS


Aaron L. Meihm <alm@freebsd.org>
Christian S.J. Peron <csjp@freebsd.org>