Identity, Policy *AND* Audit for RHEL7
Whilst I know that IPA is called Identity Management in it's current guise in RHEL6, and that "The audit component of the project will remain deferred until further notice." is currently stated on the FreeIPA website, the audit component is something that is really lacking a cohesive approach from Red Hat.
Whether or not RHEL7 delivers journald or rsyslog, the 'A' part of IPA is something that could really do with a boost.
It's also something that would provide an essential component of using RHEL in a large environment. The simpler it is to get all* log files back to some central server(s), the more likely it is to be done right. The usual arguments of "that would take too much bandwidth" are moot here - it's the admin's choice whether or not a) to implement remote logging and b) which log files get sent.
This is one aspect of large scale implementations (or small scale secure implementations) that really needs to be done right.
D
* - dependant on the configuration chosen by the admins
Responses
Hi Duncan,
we shared some ideas internally on this, may I ask you to open a customer center case about this, please?
This will help us to have all the involved parties included on this.
A further idea is to spawn a thread on this on the upstream mailinglists where I did already see you around.
best regards, Christian
Hi Duncan,
thanks.
For others reading this:
if you are interested in this feature too then its recommended to
open a case in the customer center, this will lead to 'your voice'
properly beeing accounted for the feature, along with your exact requirements.
If we feel a need for more discussion we will then either do this individually
in the single cases, or all together in a place like upstream mailinglist or
here, the customer groups.
thanks, Christian
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
