About: LUARM

An Entity of Type: Thing, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

LUARM (Logging User Actions in Relational Mode) is an Open Source experimental live digital forensics engine that produces audit data that facilitate as well as user action computer forensic functionality for the Linux operating system. It is designed to log in detail user activities into a simple Relational Database Management System (RDBMS) schema. MySQL is used for the relational backend although the schema could be easily converted to PostgreSQL and other popular relational databases. LUARM is written in Perl and provides a near real-time snapshot of file access, process/program execution and network endpoint user activities organized in well-defined relational table formats. The purposes are:

Property Value
dbo:abstract
  • LUARM (Logging User Actions in Relational Mode) is an Open Source experimental live digital forensics engine that produces audit data that facilitate as well as user action computer forensic functionality for the Linux operating system. It is designed to log in detail user activities into a simple Relational Database Management System (RDBMS) schema. MySQL is used for the relational backend although the schema could be easily converted to PostgreSQL and other popular relational databases. LUARM is written in Perl and provides a near real-time snapshot of file access, process/program execution and network endpoint user activities organized in well-defined relational table formats. The purposes are:
      * To assist system administrators and data security officers in the process of detecting and preventing external and internal threats to Linux-based devices.
      * To provide a well-defined, easy-to-parse audit record structure, as well as scalable and reliable storage for the logged data.
      * Since the logged data are stored away from the monitored Linux devices, LUARM can act as a valuable complement to existing data forensic investigation tools. This is because it is immune to the “observer effect” and the dangers of “static” forensic analysis: dynamic information about file, network and process activity is not lost, and examining/logging data does not affect the source media state.
    LUARM is being developed by Georgios Magklaras at Steelcyber Scientific, an IT consultancy specializing in information security and scientific computing. It is part of a wider Insider Misuse research effort targeting insider misuse threat specification. (en)
dbo:wikiPageID
  • 29439121 (xsd:integer)
dbo:wikiPageLength
  • 3134 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 993202924 (xsd:integer)
rdfs:label
  • LUARM (en)
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License