On Tuesday 15 January 2008 09:41:38 John Dennis wrote: > > auparse_feed() works off log files and the audispd "string" format. The > > above code was using the auditd -> audispd format, so that API doesn't > > work.
Agreed. > Then it needs to be fixed to also work with the old binary protocol. NACK. auparse was meant for string representation of audit events. > But on the other hand, the binary protocol is deprecated and won't be used > with the new audispd so perhaps it's moot. Correct. -Steve -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
