Package mk-syscall-rules: Information
Default inline alert: Version in the repository: 0.10.5-alt1
Binary package: mk-syscall-rules
Version: 0.10.1-alt1
Architecture: i586
Build time: Feb 6, 2024, 03:04 PM in the task #339914
Source package: nagwad
Category: Monitoring
Report package bugDownload: mk-syscall-rules-0.10.1-alt1.i586.rpm
License: GPLv3
Summary: A tool to generate audit rules based on a configuration file
Description:
Contains 'mk-syscall-rules' and 'aunormarch' utils.
Maintainer: Paul Wolneykien
Last changed
Feb. 6, 2024 Paul Wolneykien 0.10.1-alt1
- Save copies of events to /run/nagwad/events. - New version of signal.md documentation (Russian). - Minor fix of login.sed. - Package Icinga Director basket as a doc. - Added nagwad Icinga Director basket in JSON format. - Improved description of host group "nagwad-nodes". - Improved display name: "Printing policy violation attempt". - Rename 'audit' filter (and all related files) to 'eperm'. - Remove deprecated 'osec' check. - Added "nagwad-host" host template for Icinga. - Fix: Don't copy README and signal.* manual to the `-nagios` package. - Updated README. - Monitor integrity of file access audit rules. - Fixed audit.regexp: Only SYSCALL messages. - Updated audit.regexp: Added nagwad- prefix. - Skip access errors to /proc/1/environ by default. - Added 10-audit post-process filter which skips events for particular files listed in audit-skip.d. - Allow post-filters to add text to messages. - Match each event with previously registered events and ignore duplicates. - Support event post-processing filters in /etc/nagwad/process-event.d. - Process the journal starting from the current boot. - Process the message with no leading whitespace by default. - check_nagwad: Don't print minor accidental errors.
Jan. 15, 2024 Paul Wolneykien 0.10.0-alt1
- Reflect the event status in the name of the signal file and check signal files in order of severity. - Make the signal files accessible by the members of 'nagwad' group. - Fixed %pre: %pre service. - /usr/sbin/nagwad: Source /etc/sysconfig/nagwad. - Make check_nagwad support status lines + the default status command-line argument. - Make nagwad support sed filters. - Removed the obsolete check_osec NRPE plugin. - Update the login.regexp to also support the 'pam_faillock' module. - Update check plugins to report detailed OK and CRITICAL statuses. - Extracted nsca-shell into the separate package. - Make 'nagwad-icinga' and 'nagwad-nagstamon' depend on 'nagwad-service'. - Make 'nagwad-nagios' depend on 'nagios-nrpe'. - Fix: Make 'nagwad-service' not depend on 'osec-cronjob' and 'nagios-nrpe'. - Make nagwad.service to restart on failure. - Make nagwad.service want auditd.service. - Rename 'nagwad-templates' to 'nagwad-nagios' and move nrpe-commands configuration to that package. - Added configuration file for Icinga-2 (package nagwad-icinga). - Rename package 'nagwad-actions' to 'nagwad-nagstamon'. - Make nagwad-service conflict with obsoleted package integ <= 0.4.2-alt2. - Added configuration files for integalert.
Dec. 25, 2023 Paul Wolneykien 0.9.14-alt1
- Fix: Use "usergroup-change" key in audit rules (to match the nagwad filter key).