Re: [Nolug] PHP help

From: Dustin Puryear <dustin_at_puryear-it.com>
Date: Thu, 17 Apr 2008 19:24:32 -0500
Message-ID: <4807EA40.1060002@puryear-it.com>

Sguil is cool, but it's not really.. audit logging for an application.
My thoughts at this point are to just keep with log4php and setup an
audit definition. You can then point log4php at a file, syslog, RDBMS,
whatever. THEN you can use Sguil if it catches you fancy. :)

Yes, as mentioned before we know and use php-ldap. I was just hoping
someone had already built an authn/authz framework that used LDAP and
possibly other configuration types. Something similar to the way you
build access control around enterprise apps using a generic framework. I
have yet to find anything in PHP for that. Oh well.

--
Dustin Puryear
President and Sr. Consultant
Puryear Information Technology, LLC
225-706-8414 x112
http://www.puryear-it.com
Author, "Best Practices for Managing Linux and UNIX Servers"
   http://www.puryear-it.com/pubs/linux-unix-best-practices/
Charles Paul wrote:
>>  >  Audit Logging. We COULD use log4php I suppose. Other ideas?
> 
> Have you seen Sguil yet?   http://sguil.sourceforge.net/
> 
> The cleartext of  your audit logs should be stored offsite, regardless
> of your log viewer.
> 
> 
>>  Access Rights. We need to manage access to a given page and elements within
>> that page. We'll be doing this using LDAP groups. Best method?
> 
> The ldap functions, and maybe the PAM package (depending on where you
> want the auth done).
> ___________________
> Nolug mailing list
> nolug@nolug.org
___________________
Nolug mailing list
nolug@nolug.org
Received on 04/17/08

This archive was generated by hypermail 2.2.0 : 12/19/08 EST