As I've reviewed the audit log of a system with audit 1.5.2 installed, I discovered the format is something I wasn't used to, and performing a man on auditd, auditctl, and a few others didn't help clarify anything.

Could someone please produce a sample audit log line or two and break down what each piece means, or direct me to a web page that does so?

I had initially expected some form of date/time stamp, but looking at the first set of decimal-separated digits couldn't help me decipher a date/time.

Thanks for any assistance.

Scott

--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
