Advice on enriching logs with user and group names before moving them to a central log repository

Miloslav Trmac mitr at redhat.com
Thu Aug 2 21:12:25 UTC 2012

Previous message (by thread): Advice on enriching logs with user and group names before moving them to a central log repository
Next message (by thread): Advice on enriching logs with user and group names before moving them to a central log repository
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

----- Original Message -----
> It might still be an idea to have auparse_get_uid(au) etc.

I'm not 100% sure what you mean, but is perhaps auparse_interpret_field what you are looking for?  It returns an "intepreted" (as opposed to "raw") version of the field, e.g. a name instead of an UID.
    Mirek

Previous message (by thread): Advice on enriching logs with user and group names before moving them to a central log repository
Next message (by thread): Advice on enriching logs with user and group names before moving them to a central log repository
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux-audit mailing list