From mboxrd@z Thu Jan  1 00:00:00 1970
From: "kunal chandarana" <chandarana.kunal@gmail.com>
Subject: Re: Linux-audit Digest, Vol 40, Issue 9
Date: Wed, 16 Jan 2008 12:29:34 +0530
Message-ID: <770716a30801152259l3b97d79crea2de5bd66033d1e@mail.gmail.com>
References: <20080114170028.0385D73507@hormel.redhat.com>
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="===============0892075946=="
Return-path: <linux-audit-bounces@redhat.com>
Received: from mx3.redhat.com (mx3.redhat.com [172.16.48.32])
	by int-mx1.corp.redhat.com (8.13.1/8.13.1) with ESMTP id m0G6xulV010305
	for <linux-audit@redhat.com>; Wed, 16 Jan 2008 01:59:56 -0500
Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.153])
	by mx3.redhat.com (8.13.1/8.13.1) with ESMTP id m0G6xZ44006858
	for <linux-audit@redhat.com>; Wed, 16 Jan 2008 01:59:35 -0500
Received: by fg-out-1718.google.com with SMTP id e12so178790fga.7
	for <linux-audit@redhat.com>; Tue, 15 Jan 2008 22:59:35 -0800 (PST)
In-Reply-To: <20080114170028.0385D73507@hormel.redhat.com>
List-Unsubscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: linux-audit@redhat.com
List-Id: linux-audit@redhat.com

--===============0892075946==
Content-Type: multipart/alternative;
	boundary="----=_Part_5688_22736585.1200466774948"

------=_Part_5688_22736585.1200466774948
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

In audit logs fields are generated for specific type. Each log has different
type and depending on type there are different fields shown in
audit.logfiles. Is there a way to map this audit type to the fields.

Like if i have type=XYZ then log will contain n fields. So how to find these
N fields.?

------=_Part_5688_22736585.1200466774948
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

In audit logs fields are generated for specific type. Each log has different type and depending on type there are different fields shown in audit.log files. Is there a way to map this audit type to the fields.<br><br>Like if i have type=XYZ then log will contain n fields. So how to find these N fields.?
<br><br><br>

------=_Part_5688_22736585.1200466774948--


--===============0892075946==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--===============0892075946==--