Searched hist:155408 (Results 1 - 3 of 3) sorted by relevance
/freebsd-11-stable/sys/security/audit/ | ||
H A D | audit_pipe.c | 155408 Mon Feb 06 20:50:39 MST 2006 rwatson Add support for audit pipe special devices, which allow user space applications to insert a "tee" in the live audit event stream. Records are inserted into a per-clone queue so that user processes can pull discreet records out of the queue. Unlike delivery to disk, audit pipes are "lossy", dropping records in low memory conditions or when the process falls behind real-time events. This mechanism is appropriate for use by live monitoring systems, host-based intrusion detection, etc, and avoids applications having to dig through active on-disk trails that are owned by the audit daemon. Obtained from: TrustedBSD Project |
H A D | audit.c | diff 155408 Mon Feb 06 20:50:39 MST 2006 rwatson Add support for audit pipe special devices, which allow user space applications to insert a "tee" in the live audit event stream. Records are inserted into a per-clone queue so that user processes can pull discreet records out of the queue. Unlike delivery to disk, audit pipes are "lossy", dropping records in low memory conditions or when the process falls behind real-time events. This mechanism is appropriate for use by live monitoring systems, host-based intrusion detection, etc, and avoids applications having to dig through active on-disk trails that are owned by the audit daemon. Obtained from: TrustedBSD Project |
H A D | audit_private.h | diff 155408 Mon Feb 06 20:50:39 MST 2006 rwatson Add support for audit pipe special devices, which allow user space applications to insert a "tee" in the live audit event stream. Records are inserted into a per-clone queue so that user processes can pull discreet records out of the queue. Unlike delivery to disk, audit pipes are "lossy", dropping records in low memory conditions or when the process falls behind real-time events. This mechanism is appropriate for use by live monitoring systems, host-based intrusion detection, etc, and avoids applications having to dig through active on-disk trails that are owned by the audit daemon. Obtained from: TrustedBSD Project |
Completed in 183 milliseconds