[PATCH] more message updates
Steve Grubb
sgrubb at redhat.com
Sun May 22 21:57:34 UTC 2005
Hello,
I was working on the ausearch utility and have it interpreting the logs
nicely. There were a couple issues that popped up where some messages did not
fall into similar patterns. There are several cases where auid does not have
an '=' between it and the loginuid.
Also, I ran into a problem interpreting syscalls because arch comes after the
syscall. Life would be so much easier if arch was before syscall. The
attached patch fixes this. Its against the .46 kernel.
-Steve
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linux-2.6.9-standardize-parse.patch
Type: text/x-diff
Size: 4233 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20050522/5e3ec556/attachment.bin>
More information about the Linux-audit
mailing list