Hello, my friends.

Every record contains a  type field.It's about the message type such as AUDIT_AVC, AUDIT_SYSCALL and so on.

Does AVC mean  Mandatory Access Control ?

 

Is all the messag types listed in msg_typetab.h?

What do they mean exactly?

Where can I  get the information about them ?

I look into the _LIBAUDIT_H_ , and find this sentence

But in this file , I find nothing about audit event message

Can anyone give me an URL or give a book for me about the  audit event message?

Thanks a lot ^_^

 

                                                          Jeedan
--
-----------------------------
陈洁丹   北京邮电大学软件学院
地 址：  北京邮电大学学二D12寝室
邮 编：  100876
Email:   jeedan.chen@gmail.com
---------------------------------