Re: is this message necessary?
On Thu, 2005-11-10 at 06:17 -0500, Steve Grubb wrote:
For syscalls, about all you can put is list number & syscall
number(s). For
watches, path and key. Going beyond that will be a lot of formatting that
adds bloat. You can take a look at the code that does "auditctl -l"
formatting to see what it takes.
Surely you can just re-use that same code for generating the messages?
--
dwmw2