[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

How Audit event triggers in Kernel




Dear ALL,

I saw the function audit_send in the netlink.c file. This function is used to send the audit rules set into kernel. My question isĀ  How Audit event triggers for system call in kernel.


My second question is, After getting the reply packet from the netlink socket through the function audit_get_reply(). How the audit log format achieved for system call before storing the audit log.
--
with regards

Ashok Kumar J


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]