
Security/Mentorships/MWoS/2014/Linux Audit heka plugin (Go)

3,066 bytes added, 20:39, 3 November 2014
More weeks Added
Upcoming Work:
 
* Change the status code in the proto; the currently assigned status code 1000 is not correct.
* The output form of the netlink message should be a structure.
* Write a parse function like audit_get_reply() from [https://fedorahosted.org/audit/browser/trunk/lib/libaudit.h libaudit.h].
* Study the audit documentation and the [https://fedorahosted.org/audit/browser/trunk/lib/libaudit.h libaudit.h] code.
 
 
=== 2014-09-15 ===
Current Work:
* Added an AuditRuleData structure.
* Added an AuditParse function.
 
Discussion Point:
* Cause of improper parsing.
* Follow the flow of the auditd daemon by reading its code.
 
Upcoming Work:
* Structuring code to follow appropriate steps to enable Audit and receive response.
* Proper Parsing of a netlink response.
 
=== 2014-09-22 ===
* University Exams from 22 Sep to 26 Sep.
* Work will be resumed from 26 Sep.
 
=== 2014-09-27 ===
Current Work:
* Added an AuditStatus structure.
* Added an AuditSet function.
* Appended the byte stream to netlinkMessage.
 
Discussion Point:
* Proper parsing of AuditStatus struct.
* Enabling Audit from our program.
 
Upcoming Work:
* Working AuditSet function.
* Successfully enabling Audit.
* An AuditIsEnabled function.
* Moving current code to a Go package.
 
=== 2014-10-04 ===
Current Work:
* AuditSet() response successfully parsed into an AuditStatus struct.
* AuditIsEnabled Added.
* A netlinkAudit package.
 
Discussion Point:
* Adding Rules to audit.
* Receiving further responses from kernel.
 
Upcoming Work:
* Cleaning up old work; a simple driver program.
* Adding rules to the Audit system.
* Adding syscall information to a Rule struct.
 
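The AuditStatus / AuditSet / AuditIsEnabled steps above, together with the sequence-number generation and kernel reply parsing reported in the later entries, as one added Go example. It is not the project's netlinkAudit package or any code from this page: the constants are the values from <linux/audit.h> and <linux/netlink.h>, the struct layouts follow the kernel's nlmsghdr and audit_status, and the function names (EncodeMessage, AuditSetMessage, ParseReplies, Status, AckError) are this example's own. It only builds and parses the messages; sending them needs a NETLINK_AUDIT socket and CAP_AUDIT_CONTROL, which is left out so the code runs anywhere.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"fmt"
	"sync/atomic"
)

// Message types and flags from <linux/audit.h> and <linux/netlink.h>. Netlink uses
// host byte order; this example assumes a little-endian (x86) host throughout.
const (
	AUDIT_GET, AUDIT_SET                   = 1000, 1001     // get / set struct audit_status
	AUDIT_STATUS_ENABLED, AUDIT_STATUS_PID = 0x0001, 0x0004 // audit_status.mask bits
	NLMSG_ERROR                            = 0x2            // kernel ACK/NACK; payload starts with a signed errno
	NLM_F_REQUEST, NLM_F_ACK               = 0x1, 0x4
	nlmsgHdrLen                            = 16
)
var hostOrder = binary.LittleEndian

// NlMsgHdr mirrors struct nlmsghdr.
type NlMsgHdr struct {
	Len         uint32
	Type, Flags uint16
	Seq, Pid    uint32
}

// AuditStatus mirrors the first eight fields of struct audit_status (32 bytes).
type AuditStatus struct {
	Mask, Enabled, Failure, Pid, RateLimit, BacklogLimit, Lost, Backlog uint32
}

// Reply is one framed netlink message out of a kernel response buffer.
type Reply struct {
	Header NlMsgHdr
	Data   []byte // payload without the header; audit records (types >= 1300) are text
}

var seqCounter uint32
// nextSeq hands out a fresh sequence number per request so ACKs can be matched to it.
func nextSeq() uint32 { return atomic.AddUint32(&seqCounter, 1) }

// EncodeMessage frames payload (a fixed-size struct or []byte) with an nlmsghdr, padded to NLMSG_ALIGNTO.
func EncodeMessage(msgType, flags uint16, seq uint32, payload interface{}) []byte {
	buf := new(bytes.Buffer)
	binary.Write(buf, hostOrder, NlMsgHdr{Len: uint32(nlmsgHdrLen + binary.Size(payload)), Type: msgType, Flags: flags, Seq: seq})
	binary.Write(buf, hostOrder, payload)
	buf.Write(make([]byte, (buf.Len()+3)&^3-buf.Len())) // NLMSG_ALIGN padding
	return buf.Bytes()
}

// AuditSetMessage builds the AUDIT_SET request that enables auditing and registers pid as the record receiver.
func AuditSetMessage(enabled, pid uint32) ([]byte, uint32) {
	seq := nextSeq()
	st := AuditStatus{Mask: AUDIT_STATUS_ENABLED | AUDIT_STATUS_PID, Enabled: enabled, Pid: pid}
	return EncodeMessage(AUDIT_SET, NLM_F_REQUEST|NLM_F_ACK, seq, st), seq
}

// ParseReplies splits a buffer read from the socket, which may hold several messages.
func ParseReplies(buf []byte) ([]Reply, error) {
	var out []Reply
	for len(buf) >= nlmsgHdrLen {
		var hdr NlMsgHdr
		binary.Read(bytes.NewReader(buf), hostOrder, &hdr)
		if int(hdr.Len) < nlmsgHdrLen || int(hdr.Len) > len(buf) {
			return out, fmt.Errorf("bad nlmsg_len %d with %d bytes left", hdr.Len, len(buf))
		}
		out = append(out, Reply{Header: hdr, Data: buf[nlmsgHdrLen:hdr.Len]})
		next := (int(hdr.Len) + 3) &^ 3 // next message starts at the aligned offset
		if next > len(buf) {
			next = len(buf)
		}
		buf = buf[next:]
	}
	return out, nil
}

// Status decodes an AUDIT_GET reply; short or foreign messages are rejected.
func (r Reply) Status() (st AuditStatus, err error) {
	if r.Header.Type != AUDIT_GET {
		return st, fmt.Errorf("message type %d is not AUDIT_GET", r.Header.Type)
	}
	return st, binary.Read(bytes.NewReader(r.Data), hostOrder, &st)
}

// AckError returns nil if r is the kernel's successful ACK for sequence number seq.
func (r Reply) AckError(seq uint32) error {
	if r.Header.Type != NLMSG_ERROR || r.Header.Seq != seq || len(r.Data) < 4 {
		return fmt.Errorf("type %d seq %d is not an ACK for seq %d", r.Header.Type, r.Header.Seq, seq)
	}
	if errno := int32(hostOrder.Uint32(r.Data)); errno != 0 {
		return fmt.Errorf("kernel rejected request %d: errno %d", seq, -errno)
	}
	return nil
}

func main() {
	msg, seq := AuditSetMessage(1, 4242)
	fmt.Printf("AUDIT_SET request seq=%d: % x\n", seq, msg)
}
```

The same AUDIT_SET message with only AUDIT_STATUS_PID in the mask is what the log's AuditSetPid step does; an AUDIT_GET request with an empty payload is what AuditIsEnabled sends, and the kernel answers it with a message of type AUDIT_GET carrying audit_status. Because the request carries NLM_F_ACK, the kernel also returns an NLMSG_ERROR whose errno is 0 on success, so matching on the sequence number (rather than taking the first message that arrives) is what keeps an ACK for an earlier request from being mistaken for this one.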
=== 2014-10-13 ===
Current Work:
* AuditAddRuleData() Added.
* Adding rules to the kernel audit system is successful.
 
Discussion Point:
* Remove hardcoded code for adding Rules.
* A JSON file like audit.rules.
* A way to map syscalls.
 
Upcoming Work:
* Moving further ahead to fully follow the auditd code flow.
* Adding AuditSetPid for registering our code with the kernel.
* Adding rules from a JSON file.
* A concurrent way to run the code (adding channels).
 
=== 2014-10-20 ===
Current Work:
* x86 JSON added for mapping syscalls to integers.
* Changing the design of the code.
* A new branch for work on the configuration part.
 
Discussion Point:
* Receiving response for the rules added
* Parsing the kernel response successfully.
 
Upcoming Work:
* A Getreply Function.
* Successful addition of rules from the audit.rules.json file.
* Successful detection of the log message types and appropriate action.
* Diwali Holidays! More code on the way.
 
=== 2014-10-28 ===
Current Work:
* Successfully parsing the responses received from the kernel !!(Yay).
* Better design; auto-generation of sequence numbers.
* More constants added.
* Mistakes in the channel version; a simple version is added.
* Syscall mapping perfected.
* DeleteAllRules function added.
* Loading one or more rules from audit.rules.json.
 
Discussion Point:
* Addition of fields to the rules.
* Channel version of the getreply function.
 
Upcoming Work:
* A concurrent Getreply Function.
* A field-mapping JSON file.
* More design changes.
 
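The rule handling described in the 2014-10-13 to 2014-10-28 entries (AuditAddRuleData, the syscall map, loading audit.rules.json, and the field additions under discussion), as one added Go example that is not the project's code. The struct mirrors the kernel's audit_rule_data and the constants are the values from <linux/audit.h>; the JSON layout, the six-entry x86_64 syscall table and the function names (AddSyscall, AddField, LoadRules) are this example's own assumptions, since the page does not show the project's file formats.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Rule-related constants from <linux/audit.h>.
const (
	AUDIT_FILTER_EXIT = 0x04       // list: syscall exit
	AUDIT_ALWAYS      = 2          // action: always record
	AUDIT_ARCH        = 11         // field: syscall ABI
	AUDIT_FILTERKEY   = 210        // field: key tag; its value is the string's length
	AUDIT_EQUAL       = 0x40000000 // comparison operator, stored in fieldflags
	AUDIT_ARCH_X86_64 = 0xc000003e
	AUDIT_BITMASK_SIZE, AUDIT_MAX_FIELDS = 64, 64
)

// AuditRuleData mirrors struct audit_rule_data, the payload of an AUDIT_ADD_RULE message:
// a fixed 1040-byte part followed by the variable-length char buf[] that holds string fields.
type AuditRuleData struct {
	Flags, Action, FieldCount  uint32
	Mask                       [AUDIT_BITMASK_SIZE]uint32 // one bit per syscall number
	Fields, Values, FieldFlags [AUDIT_MAX_FIELDS]uint32
	BufLen                     uint32
	Buf                        []byte
}

// Constructed, partial x86_64 table standing in for the project's syscall JSON map.
var syscallsX86_64 = map[string]int{"read": 0, "write": 1, "open": 2, "close": 3, "execve": 59, "openat": 257}

// AddSyscall sets the bit for syscall nr, as libaudit's audit_rule_syscall_data does.
func (r *AuditRuleData) AddSyscall(nr int) error {
	if nr < 0 || nr >= AUDIT_BITMASK_SIZE*32 {
		return fmt.Errorf("syscall number %d out of range", nr)
	}
	r.Mask[nr/32] |= 1 << uint(nr%32)
	return nil
}

// AddField appends a field compared with op; a string field's text goes into Buf
// and its length into Values, which is how the kernel expects AUDIT_FILTERKEY.
func (r *AuditRuleData) AddField(field, op, value uint32, str string) error {
	if r.FieldCount >= AUDIT_MAX_FIELDS {
		return fmt.Errorf("rule already has %d fields", AUDIT_MAX_FIELDS)
	}
	if str != "" {
		value = uint32(len(str))
		r.Buf = append(r.Buf, str...)
		r.BufLen += value
	}
	i := r.FieldCount
	r.Fields[i], r.Values[i], r.FieldFlags[i] = field, value, op
	r.FieldCount++
	return nil
}

// LoadRules parses an audit.rules.json document (assumed here to be a JSON array of
// {"syscalls": [...], "key": "..."}) into exit-list, always-action rules. One bad rule
// fails the whole load, and every rule pins arch=x86_64 because the syscall table is per-ABI.
func LoadRules(data []byte) ([]*AuditRuleData, error) {
	var rules []struct{ Syscalls []string; Key string }
	if err := json.Unmarshal(data, &rules); err != nil {
		return nil, err
	}
	out := make([]*AuditRuleData, 0, len(rules))
	for i, rule := range rules {
		r := &AuditRuleData{Flags: AUDIT_FILTER_EXIT, Action: AUDIT_ALWAYS}
		r.AddField(AUDIT_ARCH, AUDIT_EQUAL, AUDIT_ARCH_X86_64, "") // cannot fail on a fresh rule
		for _, name := range rule.Syscalls {
			nr, ok := syscallsX86_64[name]
			if !ok {
				return nil, fmt.Errorf("rule %d: unknown syscall %q", i, name)
			}
			if err := r.AddSyscall(nr); err != nil {
				return nil, fmt.Errorf("rule %d: %v", i, err)
			}
		}
		if rule.Key != "" {
			if err := r.AddField(AUDIT_FILTERKEY, AUDIT_EQUAL, 0, rule.Key); err != nil {
				return nil, fmt.Errorf("rule %d: %v", i, err)
			}
		}
		out = append(out, r)
	}
	return out, nil
}

// Constructed sample standing in for the project's audit.rules.json.
const sampleRulesJSON = `[{"syscalls":["execve","openat"],"key":"exec-monitor"}]`

func main() {
	if rules, err := LoadRules([]byte(sampleRulesJSON)); err == nil {
		fmt.Printf("%d rule(s); first has %d fields and %d bytes of string data\n", len(rules), rules[0].FieldCount, rules[0].BufLen)
	}
}
```

On the wire the kernel wants the fixed part written field by field in host order, followed by Buf, as the payload of an AUDIT_ADD_RULE netlink message; the kernel unpacks each string field from buf using the length stored in Values, so the two must agree. Pinning AUDIT_ARCH is the same caveat auditctl warns about when -S is used without -F arch: syscall numbers differ between the 32-bit and 64-bit ABIs, so a rule built from an x86_64 table must say so.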
=== 2014-11-04 ===
Current Work:
* A field map in JSON.
* Adding logs to a file.
* Channel Version added.
* Simplified Design.
 
Discussion Point:
* Working Field Addition and Error Handling.
* Porting code to work as Heka Plugin.
* Input type (HTTP/TCP/UDP) for the Heka plugin.
 
Upcoming Work:
* A final field version.
* Prettify the output messages.
* Moving on to the Heka part.
 
=== <date> ===