IDS mailing list archives

Solaris-BSM-like Linux Auditing.


From: Konrad Rieck <kr () roqe org>
Date: 09 Jun 2003 15:06:47 +0200

Hi *, 

I am looking for Linux software that generates audit trails similar
in detail and complexity to Solaris BSM logs. I am currently preparing
my master's thesis on machine learning in host-based IDS and would like to
work with Linux instead of Solaris data.

I could only spot a few Linux audit systems [1-4], which probably can't
measure up to the Solaris BSM.

[1] SecureAudit, http://secureaudit.sourceforge.net/
[2] SNARE, http://www.intersectalliance.com/projects/Snare/
[3] SCSLog, http://www.suse.de/~thomas/tools/scslog/
[4] LinuxBSM, http://linuxbsm.sourceforge.net/

Are there other Linux audit systems? Has anyone on this list had
(serious) experience with one of the above systems?

Regards,
Konrad

-- 
 Konrad Rieck <kr () roqe org> - http://people.roqe.org/kr 
 PGP: 5803 E58E D1BF 9A29 AFCA 51B3 A725 EA18 ABA7 A6A3 
