[WIP] Log database changes.
Stefan Metzmacher
metze at samba.org
Sun May 13 10:35:14 UTC 2018
Am 10.05.2018 um 06:07 schrieb Andrew Bartlett via samba-technical:
> On Mon, 2018-05-07 at 18:05 +0200, Stefan Metzmacher via samba-
> technical wrote:
>> Hi Gary,
>>
>>> Current state of this task.
>>>
>>> Comments appreciated.
>>
>> Most of the preparation like the session guid looks good.
>>
>> I'm wondering if we want to implement the auditing of the directory
>> database similar to Windows using SACLs in the security descriptors
>> instead of having custom modules for various types of events.
>
> SACL support would still need the same infrastructure, it would just
> provide a way to filter which events to audit, rather than the course-
> grained filters we have here.
>
> I see it as a version 2 kind of thing, we need to get this much in
> first. So far the client requests have been for class-based logging
> (the filtering happens on external log analysis tools).
>
> I would also want to know clearly what the use case is for SACL
> logging, because if it is only really valuable in conjunction with a
> full Event Log and matching windows exactly, that would be much more
> work.
>
> As it stands, our ACLs are a pain to modify (outside the windows GUI),
> so in the short time per-server smb.conf options, matching the audit
> work done so far seem much more practical.
Ok.
metze
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180513/4a87edbc/signature.sig>
More information about the samba-technical
mailing list