Man page - auparse_normalize(3)
Packages contas this manual
- auparse_node_compare(3)
- auparse_new_buffer(3)
- auparse_get_time(3)
- ausearch_clear(3)
- auparse_normalize_functions(3)
- auparse_find_field(3)
- auparse_reset(3)
- auparse_get_field_type(3)
- auparse_set_eoe_timeout(3)
- auparse_get_milli(3)
- auparse_first_field(3)
- auparse_flush_feed(3)
- auparse_find_field_next(3)
- auparse_goto_field_num(3)
- auparse_destroy(3)
- auparse_get_serial(3)
- ausearch_next_event(3)
- ausearch_add_timestamp_item_ex(3)
- auparse_feed_has_data(3)
- auparse_get_node(3)
- auparse_get_type_name(3)
- auparse_get_field_name(3)
- auparse_get_record_num(3)
- auparse_normalize(3)
- auparse_next_record(3)
- auparse_goto_record_num(3)
- ausearch_add_timestamp_item(3)
- auparse_get_filename(3)
- auparse_init(3)
- auparse_add_callback(3)
- auparse_set_escape_mode(3)
- auparse_get_field_int(3)
- auparse_get_timestamp(3)
- auparse_get_field_num(3)
- ausearch_add_expression(3)
- auparse_next_field(3)
- auparse_get_record_text(3)
- ausearch_add_item(3)
- auparse_next_event(3)
- auparse_get_num_fields(3)
- ausearch_set_stop(3)
- auparse_feed(3)
- auparse_feed_age_events(3)
- auparse_get_line_number(3)
- auparse_interpret_field(3)
- ausearch_add_interpreted_item(3)
- ausearch_cur_event(3)
- ausearch_add_regex(3)
- auparse_first_record(3)
- auparse_get_num_records(3)
- auparse_get_field_str(3)
- auparse_metrics(3)
- auparse_get_type(3)
- auparse_timestamp_compare(3)
Package: libauparse-dev
apt-get install libauparse-dev
apt-get install libauparse-dev
Manuals in package:
Documentations in package:
Manual
| AUPARSE_NORMALIZE(3) | Linux Audit API | AUPARSE_NORMALIZE(3) |
NAME
auparse_normalize - normalize the current event
SYNOPSIS
#include <auparse.h>
int auparse_normalize(auparse_state_t *au, normalize_option_t opt);
DESCRIPTION
auparse_normalize analyzes the current event so that the important information about the event can be accessed through a normalized API which positions to internal field cursor to the exact record and field when asked about specific information.
The auparse_normalize function takes an opt argument to tell it how much information to gather. Legal values are:
NORM_OPT_ALL - gather maximum information NORM_OPT_NO_ATTRS - do not gather subject/object attribute information
RETURN VALUE
Returns 0 on success and 1 on error.
SEE ALSO
auparse_normalize_subject_primary(3), auparse_normalize_object_primary(3).
AUTHOR
Steve Grubb
| Feb 2017 | Red Hat |