Hello, I've just released a new version of the audit daemon. It can be downloaded from http://people.redhat.com/sgrubb/audit It will also be in rawhide tomorrow. The Changelog is: - ausearch can now search on SE Linux contexts - added aureport program to analyze logs - aureport added report option for each log's start and end time - increased random number selected for initial seq number in auditd - add new user space defines to libaudit.h - add add standard logging functions to libaudit This release concentrates on new features. The main addition is aureport. This program does an analysis of the audit logs. Try -r option to get a summary report. It is a work in progress and is 2/3 of the way done. Please let me know if there are any problems. -Steve