[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: Audit Parsing Library Requirements

From: ramsdell mitre org (John D. Ramsdell)
To: linux-audit redhat com
Subject: Re: Audit Parsing Library Requirements
Date: 13 Mar 2006 15:46:52 -0500

ramsdell mitre org (John D. Ramsdell) writes:

> Steve Grubb <sgrubb redhat com> writes:
> 
> > Each record is denoted by a type which indicates what fields will
> > follow. Information in the fields are held by a name/value pair that
> > contains an '=' between them. Each field is separated from one
> > another by a space or comma.
> 
> Please do not separate fields with commas.  

Opps.  I think I misunderstood the text.  I thought it was defining
ausearch output, but it must be describing something about the data
source.  I notice ausearch output always separates fields with a space
and not a comma.

John

References:
- Re: Audit Parsing Library Requirements
  - From: Steve Grubb
- Re: Audit Parsing Library Requirements
  - From: Steve Grubb
- Re: Audit Parsing Library Requirements
  - From: Steve Grubb
- Re: Audit Parsing Library Requirements
  - From: Steve Grubb
- Re: Audit Parsing Library Requirements
  - From: John D. Ramsdell

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]