Hi, I've created an audit message dictionary along the lines of the existing audit field dictionary to add to the github audit documentation repository. It is checked in to: https://github.com/linux-audit/audit-documentation/blob/master/specs/mess... related to issue: https://github.com/linux-audit/audit-documentation/issues/21 This is a preliminary commit that was created from userspace' lib/libaudit.h and kernel's include/uapi/linux/audit.h, merging, sorting and removing duplicates and verifying I've not missed anything obvious from ausearch. It might be useful to find a way to add the message range descriptions to this CSV file, or to add them to another file in the same directory. Comments, fixes and additions welcome. - RGB -- Richard Guy Briggs <rgb(a)redhat.com&gt; Sr. S/W Engineer, Kernel Security, Base Operating Systems Remote, Ottawa, Red Hat Canada IRC: rgb, SunRaycer Voice: +1.647.777.2635, Internal: (81) 32635