Repository of audit events

Burn Alting burn at swtf.dyndns.org
Wed Apr 9 06:25:26 UTC 2014


All,

Does there exist a repository of audit events that could be used to test
changes to the audit parsing code?

Although turning on 

-a always,exit -F arch=b32 -S all
and
-a always,exit -F arch=b64 -S all

for a while does tend to generate a lot of audit, it's clearly not
exhaustive, so I am hoping we have some repositories that are shareable
and that one can test against.

Rgds



