Crate linux_audit_parser
Source - Body
- Parsed body of an Audit message, consisting of
Key/Value pairs. - BodyIterator
- EventID
- The identifier of an audit event, corresponding to the
msg=audit(…) part of every Linux Audit log line. - Message
- A parsed message corresponding to a single line from the Linux Audit log
- MessageType
- Type of an audit message, corresponding to the
type=… part of
every Linux Audit log line. - Parser
- Parser for Linux Audit messages, with a few configurable options
- Common
- Common
Keys found in SYSCALL records - Key
- Representation of the key part of key/value pairs in
Body - Number
Values parsed as hexadecimal, decimal, or octal numbers- ParseError
- Audit parser error type
- Quote
- Quotes types in
Value strings - Value
- Representation of the value part of key/value pairs in
Body
- parse
- Parse a single log line as produced by auditd(8)