<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN"> <HTML> <HEAD> <META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8"> <META NAME="GENERATOR" CONTENT="GtkHTML/3.32.2"> </HEAD> <BODY> Richard, I have yet to start using the test suite, but I am looking for a Linux auditd testing capability which will provide <BLOCKQUOTE> - a human readable description of the user or system entity's interaction with Linux for a given test - the commands that enact the above test - the resultant auditd file which I can run though ausearch -i/aushape for processing </BLOCKQUOTE> And generate this for each possible event and event sub-variant (e.g iterate over all syscalls and variants) that the Linux kernel and other mainstream utilities can generate. I have been through <A HREF="https://sourceforge.net/projects/audit-test/">https://sourceforge.net/projects/audit-test/</A> but this is problematic as it was difficult to get all the above AND pump the output into ausearch -i as it was processing. Rgds On Sun, 2017-05-07 at 12:43 -0400, Richard Guy Briggs wrote: <BLOCKQUOTE TYPE=CITE> <PRE> Hi folks, We're trying to get an idea of how many users there are for the relatively new <A HREF="https://github.com/linux-audit/audit-testsuite">https://github.com/linux-audit/audit-testsuite</A> and how they are using it or would like to use it to help inform decisions about how to manage the suite so that it is still useful to us but not prevent some other unforseen reasonable use cases. Who is using it? How/Why? Thanks! - RGB -- Richard Guy Briggs <<A HREF="mailto:rgb@redhat.com">rgb@redhat.com</A>> Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635 -- Linux-audit mailing list <A HREF="mailto:Linux-audit@redhat.com">Linux-audit@redhat.com</A> <A HREF="https://www.redhat.com/mailman/listinfo/linux-audit">https://www.redhat.com/mailman/listinfo/linux-audit</A> </PRE> </BLOCKQUOTE> </BODY> </HTML>