> Your best bet might be to use the auparse library, or ausearch
which
knows how to interpret the audit log format for you and can present the
> information in a human friendly format.
I would really like to see a sample of what the auparse output looks
like. I have a Perl script that sucks the output of ausearch into a
key-value hash table from which I have other code that determines how to
print this in a human friendly format, but I'm wondering if auparse
can replace that or if all it does for me is to get the information into
the key-value hash table so I can decide how I want to format the output
... Anyone have a sample of what they have done with any particular
record type and what auparse does with it on the output end?
Thanks,
Karen Wieprecht