Sguil is cool, but it's not really.. audit logging for an application.
My thoughts at this point are to just keep with log4php and setup an
audit definition. You can then point log4php at a file, syslog, RDBMS,
whatever. THEN you can use Sguil if it catches you fancy. :)
Yes, as mentioned before we know and use php-ldap. I was just hoping
someone had already built an authn/authz framework that used LDAP and
possibly other configuration types. Something similar to the way you
build access control around enterprise apps using a generic framework. I
have yet to find anything in PHP for that. Oh well.
-- Dustin Puryear President and Sr. Consultant Puryear Information Technology, LLC 225-706-8414 x112 http://www.puryear-it.com Author, "Best Practices for Managing Linux and UNIX Servers" http://www.puryear-it.com/pubs/linux-unix-best-practices/ Charles Paul wrote: >> > Audit Logging. We COULD use log4php I suppose. Other ideas? > > Have you seen Sguil yet? http://sguil.sourceforge.net/ > > The cleartext of your audit logs should be stored offsite, regardless > of your log viewer. > > >> Access Rights. We need to manage access to a given page and elements within >> that page. We'll be doing this using LDAP groups. Best method? > > The ldap functions, and maybe the PAM package (depending on where you > want the auth done). > ___________________ > Nolug mailing list > nolug@nolug.org ___________________ Nolug mailing list nolug@nolug.orgReceived on 04/17/08
This archive was generated by hypermail 2.2.0 : 12/19/08 EST