All, Does there exist a repository of audit events that could be used to test changes to the audit parsing code?
Although turning on -a always,exit -F arch=b32 -S all and -a always,exit -F arch=b64 -S all for a while does tend to generate a lot of audit, but it's clearly not exhaustive so I am hoping we have some repositories that are shareable and one can test against. Rgds -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
