Welcome to OpenXDAS

OpenXDAS is an open source implementation of the OpenGroup's Distributed Auditing System released under the BSD open source license. The XDAS standard was defined in 1998 by an OG working group with representation from several software companies supporting various flavors of Unix and other operating systems. XDAS was never taken beyond preliminary specification - probably due to a general lack of enthusiasm in the world on the subject of auditing. Nevertheless, XDAS was designed by experts in the field of auditing and security-related logging services.

It's a Different World Today

With new government regulations on security-based auditing and business regulation compliance requirements, such as Sarbanes-Oxley and HIPAA (to name a few) passing in US Congress at every session, system and network administrators and corporate CIO's are taking a different stance these days. World standards organizations such as ISO are creating newer and better world-wide business compliance regulation and quality assurance standards, such as ISO9001. Both US companies and those centered in member countries of the European Union are rapidly adopting this and other quality standards, primarily to create the computer audit trails necessary to effectively avoid or minimize the danger of civil litigation or legal prosecution. Operating businesses by these standards is not only being enforced by new government regulations, but prudent customers are reserving their most lucrative business transactions for companies in compliance with such standards. All of this illustrates the need for quality open source, and standards-based compliance and auditing infrastructure.

Open Source Auditing?

Oddly, the open source world hasn't done anything significant toward creating new, or improving existing auditing subsystems, either. Standards bodies like the Syslog Working Group at IETF are trying with difficulty to nail down outstanding compatibility issues among the various implementations of that defacto-standard, around which several well-known open source projects are built today. In truth, however, no one has come up with a really great open source auditing solution: Enter the OpenXDAS project.

XDAS Standardization Continues!

As of May 2007, the XDAS working group has been reestablished within the Open Group Security Forum. A new effort is now underway to update the XDAS preliminary specification. Novell is leading this standardization effort at the Open Group in conjunction with Capgemini, Trusted Systems Consulting Group, DWP, Hewlett-Packard, Shell, Boeing, IBM, Sun Microsystems, and Dr. Anton Chuvakin, a consultant working with Mitre on the CEE project. More on this initiative later...