Update: Aug 20, 2007
Add FreeBSD/OpenBSM support - fix suggested by Alex Samorukov <firstname.lastname@example.org>
Update: April 24, 2007
Add support for Mac w/Common Criteria tools pkg
Mac Common Criteria toolkit does not use ".`hostname`" extension
in audit file name.
Update: April 16, 2003
bsmGUI.java: added bsmFilter panel and logic
bsmFilter.java: new class - include/exclude filters applied to result set.
Update: February 20, 2001
resultSet.java: Fixed result set Table resize/stretching
bsm.java: Fixed attribute Table resize/stretching
bsmGUI.java: Added additional attribute error checking
Requirements: Java 2 Standard Edition virtual machine.
1. What does the bsm GUI provide?
The bsm GUI provides an interface enabling the user to configure
custom audit queries against the /var/audit log files created by
the Basic Security Module auditing subsystem. This is alpha
quality code; please contact me with any problems you encounter.
Have patience with large queries!
2. How do I start the GUI?
# java -jar bsmgui.jar
3. I'm getting a java.lang.OutOfMemoryError. What can I do to fix this?
Check the size of the /var/audit file you have opened. If
you are attempting to view the entire file, the result set can
be 2x (or more) larger than the file, and the JVM memory
requirements 10x or more.
I'll attempt to reduce the memory requirements in a future release,
but in the meantime set the JVM heap to 20x the size of the audit
file to accommodate a result set containing all records. For example,
if your audit file is 50MB, set the JVM heap to 1GB (the default
JVM heap is 64MB). The java -Xmx option is used to specify the
JVM heap size.
Example: set the JVM heap to 1024MB (for a 50MB audit file):
# java -Xmx1024m -jar bsmgui.jar
4. How can I tell if the bsmGUI is working? It takes a long time
to return ...
Be patient. Parsing a large binary file takes time. For benchmark
purposes, I timed a query, requesting All Successes/All Failures
from a 50MB audit file. The request completed in approximately
17 minutes on an Ultra 60 configured with 1x360MHz CPU/1GB memory.
Audit file parsing is CPU intensive - during my benchmark,
the CPU was 100% consumed; I observed that I had
650MB of free memory and little or no I/O activity
(less than 10kB/sec) over the course of the benchmark.
5. Is there a license associated with the bsmGUI?
bsmgui is released under the Common Development and Distribution License.
6. Can I look at and/or modify the source?
Java source is included with the jar file.
# jar -xvf bsmgui.jar
If you extend the functionality or fix a bug,
please send me an email containing the modifications
you have made.
7. How can I build the bsmgui?
A build.xml is included in the Subversion repository to build the
bsmgui using ant.
For Solaris bsm configuration instructions, refer to
"SunShield Basic Security Module Guide" at http://docs.sun.com.