/medusa-policy-mining

Experimental framework for mining security policies for Medusa security module with Constable as the authorization server.

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Medusa Policy Mining

This module allows you to create policies from audit logs for the Constable authorization server.

Example usage

For example, if you want to create policy for PostgreSQL and the logs are stored in *postgres.log files, call:

npp.py --user=postgres --object=postgres --subject=postgres postgres-2023-05-11 *postgres.log

Log files from different services have to be separeted using --:

npp.py 2023-05-11 postfix.log -- sshd.log