13 lines
925 B
Diff
13 lines
925 B
Diff
--- logwatch-7.3.6/scripts/services/audit.pom 2007-02-16 04:25:17.000000000 +0100
|
|
+++ logwatch-7.3.6/scripts/services/audit 2007-07-04 12:15:55.000000000 +0200
|
|
@@ -82,7 +82,8 @@ while ($ThisLine = <STDIN>) {
|
|
( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z]+ msg=/) or
|
|
( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
|
|
( $ThisLine =~ /auditd[ ]+S [0-9A-F]+ [0-9]+ [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+ [0-9]+ \(NOTLB\)/) or
|
|
- ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/)
|
|
+ ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or
|
|
+ ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/)
|
|
) {
|
|
# Ignore these entries
|
|
} elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {
|