Man page - audit_log_user_comm_message(3)
Packages contas this manual
- audit_log_user_avc_message(3)
- audit_encode_nv_string(3)
- get_auditfail_action(3)
- audit_fstype_to_name(3)
- audit_get_session(3)
- audit_log_user_command(3)
- audit_setloginuid(3)
- set_aumessage_mode(3)
- audit_log_acct_message(3)
- audit_detect_machine(3)
- audit_set_rate_limit(3)
- audit_set_enabled(3)
- audit_set_pid(3)
- audit_add_rule_data(3)
- audit_get_reply(3)
- audit_open(3)
- audit_getloginuid(3)
- audit_syscall_to_name(3)
- audit_name_to_errno(3)
- audit_flag_to_name(3)
- audit_value_needs_encoding(3)
- audit_log_semanage_message(3)
- audit_name_to_syscall(3)
- audit_name_to_fstype(3)
- audit_name_to_action(3)
- audit_encode_value(3)
- audit_delete_rule_data(3)
- audit_log_user_message(3)
- audit_set_backlog_wait_time(3)
- audit_request_rules_list_data(3)
- audit_request_status(3)
- audit_close(3)
- audit_update_watch_perms(3)
- audit_set_backlog_limit(3)
- audit_name_to_flag(3)
- audit_request_signal_info(3)
- audit_is_enabled(3)
- audit_set_failure(3)
- audit_log_user_comm_message(3)
- audit_add_watch(3)
apt-get install libaudit-dev
Manual
| AUDIT_LOG_USER_COMM_MESSAGE(3) | Linux Audit API | AUDIT_LOG_USER_COMM_MESSAGE(3) |
NAME
audit_log_user_comm_message - log a user message from a console app
SYNOPSIS
#include <libaudit.h>
int audit_log_user_comm_message(int audit_fd, int type, const char *message, const char *comm, const char *hostname, const char *addr, const char *tty, int result)
DESCRIPTION
This function will log a message to the audit system using a predefined message format. This function should be used by all non-ELF console apps that do not manipulate accounts, groups, or need to log execution of a script. An example would be a Python script recording an event. The function parameters are as follows:
audit_fd - The fd returned by audit_open type - type of message, ex: AUDIT_USYS_CONFIG, AUDIT_USER_LOGIN message - the message text being sent comm - the program command line name, NULL if unknown hostname - the hostname if known, NULL if unknown addr - The network address of the user, NULL if unknown tty - The tty of the user, if NULL will attempt to figure out result - 1 is "success" and 0 is "failed"
RETURN VALUE
It returns the sequence number which is > 0 on success or <= 0 on error.
ERRORS
This function returns -1 on failure. Examine errno for more info.
SEE ALSO
audit_log_user_message(3), audit_log_acct_message(3), audit_log_user_avc_message(3), audit_log_semanage_message(3).
AUTHOR
Steve Grubb
| July 2016 | Red Hat |