Hi,
I am currently developing an audisp plugin that should be as effective as possible.
Therefore, I want to set my own set of filtering rules (2-3 syscalls) and I don't want
to get any other audit events from the audisp itself. I assumed it is possible to set my
own plugin rules, but I couldn't find it in the audit documentation (Linux Audit API)
nor in any other audisp plugin examples. Is it even possible?
If not, is it possible to run an auditd of my own in parallel with the original auditd? I
assume each auditd can define its own set of audit rules. Am I right?
Thanks in advance,
Eytan Naim | SW Engineer
eytan.naim@imperva.com | m: +972 50-225-8833