Audit Explorer analyzes the Macintosh BSM audit trails, highlights notable events, lets you drill down to the actions of individual processes, and lets you explore the relationships between processes.
Apple's BSM auditing system is one of the best in the world, and when configured correctly, it can be one of the most powerful security features at your disposal. BSM can provide far more useful information than firewalls, network monitors, antivirus software, and disk forensics tools. Audit Explorer lets you explore this data, helping you find out what happened on your system, assisting you in determining if your system was penetrated, and if so, how. If a user or malware tries to exfiltrate data from your computer, Audit Explorer can help you identify what documents were taken and how they were taken from your system.
Visit our site for video tours of Audit Explorer and to help you determine if this is the right tool for your security needs.
Version 1.1 supports several new features including: (1) custom filters to alert on events of interest to you, (2) ability to launch from a command line so audit analysis can be automated, (3) save analysis results, (4) upload analysis results to a web/audit server, (5) review all commands and arguments entered from a Terminal window or remote login, (6) look for all operations on a filename, (7) look for all connections to/from specific addresses and/or ports, and (8) a new dashboard front-end.
Audit Explorer (com.netsq.audit-explorer) is a Mac software application that has been discovered and submitted by users of Software.com.
Default Install Path: /Applications/Software/Audit Explorer.app
Minimum OS version: 10.6.6
Copyright: (c) 2011, Net Squared, Inc.