Struct MessageType

pub struct MessageType(pub u32);

Type of an audit message, corresponding to the type=… part of every Linux Audit log line.

The implementation uses the same 32bit unsigned integer values that are used by the Linux Audit API. Mappings between numeric and symbolic values is generated using CSV retrieved from the Linux Audit Project’s documentation.

Tuple Fields

0: u32

Implementations

impl MessageType

pub const GET: Self

pub const SET: Self

pub const LIST: Self

pub const ADD: Self

pub const DEL: Self

pub const USER: Self

pub const LOGIN: Self

pub const WATCH_INS: Self

pub const WATCH_REM: Self

pub const WATCH_LIST: Self

pub const SIGNAL_INFO: Self

pub const ADD_RULE: Self

pub const DEL_RULE: Self

pub const LIST_RULES: Self

pub const TRIM: Self

pub const MAKE_EQUIV: Self

pub const TTY_GET: Self

pub const TTY_SET: Self

pub const SET_FEATURE: Self

pub const GET_FEATURE: Self

pub const USER_AUTH: Self

pub const USER_ACCT: Self

pub const USER_MGMT: Self

pub const CRED_ACQ: Self

pub const CRED_DISP: Self

pub const USER_START: Self

pub const USER_END: Self

pub const USER_AVC: Self

pub const USER_CHAUTHTOK: Self

pub const USER_ERR: Self

pub const CRED_REFR: Self

pub const USYS_CONFIG: Self

pub const USER_LOGIN: Self

pub const USER_LOGOUT: Self

pub const ADD_USER: Self

pub const DEL_USER: Self

pub const ADD_GROUP: Self

pub const DEL_GROUP: Self

pub const DAC_CHECK: Self

pub const CHGRP_ID: Self

pub const TEST: Self

pub const TRUSTED_APP: Self

pub const USER_SELINUX_ERR: Self

pub const USER_CMD: Self

pub const USER_TTY: Self

pub const CHUSER_ID: Self

pub const GRP_AUTH: Self

pub const SYSTEM_BOOT: Self

pub const SYSTEM_SHUTDOWN: Self

pub const SYSTEM_RUNLEVEL: Self

pub const SERVICE_START: Self

pub const SERVICE_STOP: Self

pub const GRP_MGMT: Self

pub const GRP_CHAUTHTOK: Self

pub const MAC_CHECK: Self

pub const ACCT_LOCK: Self

pub const ACCT_UNLOCK: Self

pub const USER_DEVICE: Self

pub const SOFTWARE_UPDATE: Self

pub const DAEMON_START: Self

pub const DAEMON_END: Self

pub const DAEMON_ABORT: Self

pub const DAEMON_CONFIG: Self

pub const DAEMON_RECONFIG: Self

pub const DAEMON_ROTATE: Self

pub const DAEMON_RESUME: Self

pub const DAEMON_ACCEPT: Self

pub const DAEMON_CLOSE: Self

pub const DAEMON_ERR: Self

pub const SYSCALL: Self

pub const FS_WATCH: Self

pub const PATH: Self

pub const IPC: Self

pub const SOCKETCALL: Self

pub const CONFIG_CHANGE: Self

pub const SOCKADDR: Self

pub const CWD: Self

pub const EXECVE: Self

pub const IPC_SET_PERM: Self

pub const MQ_OPEN: Self

pub const MQ_SENDRECV: Self

pub const MQ_NOTIFY: Self

pub const MQ_GETSETATTR: Self

pub const KERNEL_OTHER: Self

pub const FD_PAIR: Self

pub const OBJ_PID: Self

pub const TTY: Self

pub const EOE: Self

pub const BPRM_FCAPS: Self

pub const CAPSET: Self

pub const MMAP: Self

pub const NETFILTER_PKT: Self

pub const NETFILTER_CFG: Self

pub const SECCOMP: Self

pub const PROCTITLE: Self

pub const FEATURE_CHANGE: Self

pub const REPLACE: Self

pub const KERN_MODULE: Self

pub const FANOTIFY: Self

pub const TIME_INJOFFSET: Self

pub const TIME_ADJNTPVAL: Self

pub const BPF: Self

pub const EVENT_LISTENER: Self

pub const URINGOP: Self

pub const OPENAT2: Self

pub const DM_CTRL: Self

pub const DM_EVENT: Self

pub const AVC: Self

pub const SELINUX_ERR: Self

pub const AVC_PATH: Self

pub const MAC_POLICY_LOAD: Self

pub const MAC_STATUS: Self

pub const MAC_CONFIG_CHANGE: Self

pub const MAC_UNLBL_ALLOW: Self

pub const MAC_CIPSOV4_ADD: Self

pub const MAC_CIPSOV4_DEL: Self

pub const MAC_MAP_ADD: Self

pub const MAC_MAP_DEL: Self

pub const MAC_IPSEC_ADDSA: Self

pub const MAC_IPSEC_DELSA: Self

pub const MAC_IPSEC_ADDSPD: Self

pub const MAC_IPSEC_DELSPD: Self

pub const MAC_IPSEC_EVENT: Self

pub const MAC_UNLBL_STCADD: Self

pub const MAC_UNLBL_STCDEL: Self

pub const MAC_CALIPSO_ADD: Self

pub const MAC_CALIPSO_DEL: Self

pub const MAC_TASK_CONTEXTS: Self

pub const MAC_OBJ_CONTEXTS: Self

pub const AA: Self

pub const APPARMOR_AUDIT: Self

pub const APPARMOR_ALLOWED: Self

pub const APPARMOR_DENIED: Self

pub const APPARMOR_HINT: Self

pub const APPARMOR_STATUS: Self

pub const APPARMOR_ERROR: Self

pub const APPARMOR_KILL: Self

pub const ANOM_PROMISCUOUS: Self

pub const ANOM_ABEND: Self

pub const ANOM_LINK: Self

pub const ANOM_CREAT: Self

pub const INTEGRITY_DATA: Self

pub const INTEGRITY_METADATA: Self

pub const INTEGRITY_STATUS: Self

pub const INTEGRITY_HASH: Self

pub const INTEGRITY_PCR: Self

pub const INTEGRITY_RULE: Self

pub const INTEGRITY_EVM_XATTR: Self

pub const INTEGRITY_POLICY_RULE: Self

pub const KERNEL: Self

pub const ANOM_LOGIN_FAILURES: Self

pub const ANOM_LOGIN_TIME: Self

pub const ANOM_LOGIN_SESSIONS: Self

pub const ANOM_LOGIN_ACCT: Self

pub const ANOM_LOGIN_LOCATION: Self

pub const ANOM_MAX_DAC: Self

pub const ANOM_MAX_MAC: Self

pub const ANOM_AMTU_FAIL: Self

pub const ANOM_RBAC_FAIL: Self

pub const ANOM_RBAC_INTEGRITY_FAIL: Self

pub const ANOM_CRYPTO_FAIL: Self

pub const ANOM_ACCESS_FS: Self

pub const ANOM_EXEC: Self

pub const ANOM_MK_EXEC: Self

pub const ANOM_ADD_ACCT: Self

pub const ANOM_DEL_ACCT: Self

pub const ANOM_MOD_ACCT: Self

pub const ANOM_ROOT_TRANS: Self

pub const ANOM_LOGIN_SERVICE: Self

pub const RESP_ANOMALY: Self

pub const RESP_ALERT: Self

pub const RESP_KILL_PROC: Self

pub const RESP_TERM_ACCESS: Self

pub const RESP_ACCT_REMOTE: Self

pub const RESP_ACCT_LOCK_TIMED: Self

pub const RESP_ACCT_UNLOCK_TIMED: Self

pub const RESP_ACCT_LOCK: Self

pub const RESP_TERM_LOCK: Self

pub const RESP_SEBOOL: Self

pub const RESP_EXEC: Self

pub const RESP_SINGLE: Self

pub const RESP_HALT: Self

pub const RESP_ORIGIN_BLOCK: Self

pub const RESP_ORIGIN_BLOCK_TIMED: Self

pub const USER_ROLE_CHANGE: Self

pub const ROLE_ASSIGN: Self

pub const ROLE_REMOVE: Self

pub const LABEL_OVERRIDE: Self

pub const LABEL_LEVEL_CHANGE: Self

pub const USER_LABELED_EXPORT: Self

pub const USER_UNLABELED_EXPORT: Self

pub const DEV_ALLOC: Self

pub const DEV_DEALLOC: Self

pub const FS_RELABEL: Self

pub const USER_MAC_POLICY_LOAD: Self

pub const ROLE_MODIFY: Self

pub const USER_MAC_CONFIG_CHANGE: Self

pub const USER_MAC_STATUS: Self

pub const CRYPTO_TEST_USER: Self

pub const CRYPTO_PARAM_CHANGE_USER: Self

pub const CRYPTO_LOGIN: Self

pub const CRYPTO_LOGOUT: Self

pub const CRYPTO_KEY_USER: Self

pub const CRYPTO_FAILURE_USER: Self

pub const CRYPTO_REPLAY_USER: Self

pub const CRYPTO_SESSION: Self

pub const CRYPTO_IKE_SA: Self

pub const CRYPTO_IPSEC_SA: Self

pub const VIRT_CONTROL: Self

pub const VIRT_RESOURCE: Self

pub const VIRT_MACHINE_ID: Self

pub const VIRT_INTEGRITY_CHECK: Self

pub const VIRT_CREATE: Self

pub const VIRT_DESTROY: Self

pub const VIRT_MIGRATE_IN: Self

pub const VIRT_MIGRATE_OUT: Self

impl MessageType

pub fn is_multipart(&self) -> bool

True for messages that are part of multi-part events from kernel-space.

This mimics auparse logic as of version 3.0.6

Trait Implementations

impl Clone for MessageType

fn clone(&self) -> MessageType

Returns a copy of the value.

fn clone_from(&mut self, source: &Self)

Performs copy-assignment from source.

impl Debug for MessageType

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl Default for MessageType

fn default() -> MessageType

Returns the “default value” for a type.

impl<'de> Deserialize<'de> for MessageType

where Self: FromStr, <Self as FromStr>::Err: Display,

fn deserialize<__D>(deserializer: __D) -> Result<Self, __D::Error>

where __D: Deserializer<'de>,

Deserialize this value from the given Serde deserializer.

impl Display for MessageType

fn fmt(&self, f: &mut Formatter<'_>) -> Result

Formats the value using the given formatter.

impl FromStr for MessageType

type Err = ParseMessageTypeError

The associated error which can be returned from parsing.

fn from_str(s: &str) -> Result<Self, Self::Err>

Parses a string s to return a value of this type.

impl Hash for MessageType

fn hash<__H: Hasher>(&self, state: &mut __H)

Feeds this value into the given Hasher.

fn hash_slice<H>(data: &[Self], state: &mut H)

where H: Hasher, Self: Sized,

Feeds a slice of this type into the given Hasher.

impl PartialEq for MessageType

fn eq(&self, other: &MessageType) -> bool

Tests for self and other values to be equal, and is used by ==.

fn ne(&self, other: &Rhs) -> bool

Tests for !=. The default implementation is almost always sufficient, and should not be overridden without very good reason.

impl Serialize for MessageType

where Self: Display,

fn serialize<__S>(&self, serializer: __S) -> Result<__S::Ok, __S::Error>

where __S: Serializer,

Serialize this value into the given Serde serializer.

impl Copy for MessageType

impl Eq for MessageType

impl StructuralPartialEq for MessageType