On Friday, July 13, 2012 01:09:00 PM Michael Mather wrote:
> Yes, Steve, adding --raw works beautifully. Thanks.
> Now, where can I find a tutorial that might have taught me this?

There is some discussion of this in the audit.rules man page under the section
NOTES. There was also an article about using the audit system to debug the
whole OS at once. The article gives some examples of stringing together
searches and reports:

http://magazine.hitb.org/issues/HITB-Ezine-Issue-005.pdf

> And is there a way to search this list?

You can use Google and the site operator to restrict the results:

site:www.redhat.com ausearch raw

-Steve