auditd 2.0.5 and 2.2 log format changes

Ismail Yenigul ismailyenigul at gmail.com
Tue May 20 15:18:14 UTC 2014


Hello,

I have a script to correlate (for a user-friendly report) auditd version 2.2
logs. It works on RedHat.
We have a SUSE 11.4 server running audit version 2.0.5.

I could not see any major log format difference between the two versions.
I see that there is a nametype=NORMAL field difference at the end of each
line for version 2.2.

Are there any other log format changes between the two versions?

PS: I execute the /sbin/ausearch -i -if /var/log/audit/audit.log command before
starting log processing.

Thanks in advance.