Machine readable ausearch output

John D. Ramsdell ramsdell at linus.mitre.org
Thu Jun 30 13:50:37 UTC 2005


Steve Grubb <sgrubb at redhat.com> writes:

> I am also planning to pull the ausearch program apart and make a
> library that people could use to access records programmatically. It
> might be better to use this to create a translator program.
...
> Do any of these sound like they align with your needs?

A library that allows me to access the records programmatically is the
most desirable solution from my perspective.  You see, what I'd like
to do is to translate each record into nested Python dictionaries, in
which every key in a dictionary is a string.  I have enclosed the code
with which I would like to do the translation so as to give you a
concrete instance of this approach.

John

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pyval.h
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20050630/70b7fb1b/attachment.h>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: pyval.c
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20050630/70b7fb1b/attachment.c>


More information about the Linux-audit mailing list