GitHub: https://github.com/openbsm/bsmtrace

BSMtrace is a utility that processes audit trails or real-time audit feeds provided by audit pipes. It loads a set of finite state machines, or sequences, from the supplied configuration file and watches the audit streams for instances of these sequences.
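The following sketch illustrates the sequence-matching idea described above. It is an added example, not code from bsmtrace, and it does not use bsmtrace's configuration syntax. The `SequenceMatcher` class, the record fields, the event names and the 60-second window are all constructed for illustration.

```python
from dataclasses import dataclass, field


@dataclass
class SequenceMatcher:
    """Tracks one ordered event sequence independently for each subject."""
    name: str
    states: list   # ordered event names that make up the sequence
    window: int    # maximum seconds between the first and last state
    _progress: dict = field(default_factory=dict)  # subject -> (next index, start)

    def feed(self, rec):
        """Consume one record; return an alert dict when the sequence completes."""
        subject, event, ts = rec["subject"], rec["event"], rec["time"]
        idx, start = self._progress.get(subject, (0, ts))
        # Discard a partial match that has outlived the window.
        if idx and ts - start > self.window:
            self._progress.pop(subject, None)
            idx, start = 0, ts
        if event != self.states[idx]:
            return None  # unrelated event: the subject keeps its current state
        if idx == 0:
            start = ts
        idx += 1
        if idx < len(self.states):
            self._progress[subject] = (idx, start)
            return None
        self._progress.pop(subject, None)  # full match: reset this subject
        return {"sequence": self.name, "subject": subject,
                "start": start, "end": ts}


# Constructed sample records standing in for parsed audit events.
RECORDS = [
    {"time": 100, "subject": "alice", "event": "auth_fail"},
    {"time": 101, "subject": "bob", "event": "auth_fail"},
    {"time": 105, "subject": "alice", "event": "auth_success"},
    {"time": 107, "subject": "alice", "event": "exec_su"},
    {"time": 900, "subject": "bob", "event": "auth_success"},  # outside window
    {"time": 901, "subject": "bob", "event": "exec_su"},
]


def run(records):
    """Feed every record to one matcher and collect the alerts it raises."""
    matcher = SequenceMatcher("fail-then-su",
                              ["auth_fail", "auth_success", "exec_su"], window=60)
    return [alert for alert in map(matcher.feed, records) if alert]


if __name__ == "__main__":
    for alert in run(RECORDS):
        print(alert)
```

Only the subject that completes all three states inside the window produces an alert; the second subject's partial match expires before it can finish.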

BSMtrace depends on the TrustedBSD audit and OpenBSM services present in FreeBSD 6.2 and later. It can be discussed on the TrustedBSD audit mailing lists.

    Copyright 2000-2012 Robert N. M. Watson. All rights reserved.
    Copyright 2005 SPARTA, Inc. All rights reserved.
    Copyright 2002, Leigh T. Denault. All rights reserved.
    Copyright 2002, 2003 Networks Associates, Inc. All rights reserved.