SNARE (System iNtrusion Analysis and Reporting Environment) Agents are a series of audit collection and forwarding tools, that facilitate centralised audit and log collection on Linux, Solaris, AIX, Irix, Windows, and other operating systems and services.
|Tags||Security Monitoring Operating System Kernels Linux Systems Administration|
|Operating Systems||POSIX Linux|
Release Notes: This release adds support for login/logout events. It adds support for account modification events. It has improved resource handling and collection speed.
Release Notes: Several problems have been resolved, including those related to service restart and socketcall auditing. Binary releases (including kernels with snare already patched in) are available or will soon be available in RPM/DEB format for Red Hat Enterprise 4, Red Hat Enterprise 3, Fedora Core 2, Red Hat 9, and Debian Sarge.
Release Notes: A tiny Web server is included for remote management. Module load/unload monitoring was integrated. SMP support was improved. CPU usage was significantly reduced. A GNOME 2 GUI was added.
Release Notes: This version includes support for all the system calls by the module version of snare, SMP support, non-i386 architecture support, more monitoring of system calls, extra details in other system calls, better file path resolution, and optimised communications between the kernel and daemon.
Release Notes: In this version, the module load code has been modified to allow RedHat 8 users to install the module.