Hello,

I have a script to correlate (for a user-friendly report) auditd version 2.2 logs. It works on RedHat. We have a SUSE 11.4 server running audit version 2.0.5.
I could not see any major log format difference between the two versions. I see that there is a nametype=NORMAL field difference at the end of each line for version 2.2. Are there any other log format changes between the two versions?

PS: I execute the /sbin/ausearch -i -if /var/log/audit/audit.log command before starting log processing.

Thanks in advance.
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
