High-level audit parser module
John D. Ramsdell
ramsdell at mitre.org
Thu Aug 9 19:42:43 UTC 2007
Enclosed is a patch that adds a high-level audit parser module to the
audit package. The included Python script can be used in two ways.
It can be installed in the usual location and the module can be
imported into other programs. One can also make a copy of the Python
source file, and modify the function that consumes a log to quickly
produce one-off scripts.
Use pydoc to obtain documentation.
John
-------------- next part --------------
A non-text attachment was scrubbed...
Name: auditparser.patch
Type: text/x-patch
Size: 10362 bytes
Desc: auditparser module
URL: <http://listman.redhat.com/archives/linux-audit/attachments/20070809/031a7250/attachment.bin>
More information about the Linux-audit
mailing list