[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Audit Parsing Library Requirements



On Thursday 09 March 2006 13:49, Debora Velarde wrote:
> Not sure if ausearch supports this now, but I'm thinking of two use cases:
> 1.  If I want to find all records where the auid is NOT 500
> 2.  If I want to find all records where the gid is greater than 500.
>
> Could we then do:
> ausearch_set_param("auid", "!=", "500");
> ausearch_set_param("gid", ">", "500");

Sure, sounds fine to me since we are redefining the search engine.

-Steve


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]