AuReporter.tcl

A tool for selecting and displaying kernel audit logs data

This is a simple GUI application that extracts the plain text data from one or more log files or ausearch, puts them into a temporary SQLite database, and allows the user to select and display certain sets of data that match selection criteria.

There is inadequate online help to give you a half a chance.

It's written and tested with the 1.2.5 release of the auditd package. It might work with other releases, or it might not, depending on what was changed in the log file format.

Requirements

You can optain wish and the SQLite3 package from ActiveState

Disclaimer

This is pre-alpha software. It works for me. It might work for you. It might even be useful. It probably won't eat your goldfish, but I don't make any promises.

This software is not released. It more like it snuck out, leaving the guards confused and unable to explain how it happened.

Feedback Request

Feedback, pro or con can be directed to
clif@cflynt.com

Download

Escape 0.1 Supports
Download Aug-1-2006 Escape
Escape 0.2
Download Aug-2-2006 Escape