forked from linux-audit/audit-userspace
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathTODO
20 lines (18 loc) · 874 Bytes
/
TODO
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
Future roadmap (subject to change):
===================================
3.0
* If searching user/group doesn't map to uid/gid, do translated string search
* audisp-remote, add config to say what home network is so laptops don't try if their not on a network that can reach the server.
* Container support
3.1
* Support TLS PSK as remote logging transport
* Basic HIDS based on reactive audit component
* Support multiple time streams when searching
* In audispd, look into non-blocking handling of write to plugins
* Add keywords for time: month-ago, this-hour, last-hour
3.1.1
* Add rule verify to detect mismatch between in-kernel and on-disk rules
* Fix audit.pc.in to use Requires.private
* Change ausearch to output name="" unless its a real null. (mount) ausearch-report.c, 523. FIXME
* Fix SIGHUP for auditd network settings
* Add ability to filter events in auditd