difficulty with TYPE
Steve Grubb
sgrubb at redhat.com
Tue Jan 15 14:59:09 UTC 2008
On Tuesday 15 January 2008 09:41:38 John Dennis wrote:
> > auparse_feed() works off log files and the audispd "string" format. The
> > above code was using the auditd -> audispd format, so that API doesn't
> > work.
Agreed.
> Then it needs to be fixed to also work with the old binary protocol.
NACK. auparse was meant for string representation of audit events.
> But on the other hand, the binary protocol is deprecated and won't be used
> with the new audispd so perhaps it's moot.
Correct.
-Steve
More information about the Linux-audit
mailing list