AUPARSE_FLUSH_FEED(3) Linux Audit API AUPARSE_FLUSH_FEED(3)NAME
auparse_flush_feed - flush any unconsumed feed data through parser.
SYNOPSIS
#include <auparse.h>
int auparse_feed(auparse_state_t *au);
au The audit parse state
DESCRIPTION
auparse_flush_feed should be called to signal the end of feed input data and flush any pending parse data through the parsing system.
RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success.
SEE ALSO auparse_feed(3), auparse_feed_has_data(3)AUTHOR
John Dennis
Red Hat Sept 2012 AUPARSE_FLUSH_FEED(3)
Check Out this Related Man Page
AUPARSE_FEED(3) Linux Audit API AUPARSE_FEED(3)NAME
auparse_feed - feed data into parser
SYNOPSIS
#include <auparse.h>
int auparse_feed(auparse_state_t *au, const char *data, size_t data_len);
au The audit parse state
data a buffer of data to feed into the parser, it is data_len bytes long. The data is copied in the parser, upon return the caller may
free or reuse the data buffer.
data_len
number of bytes in data
DESCRIPTION
auparse_feed supplies new data for the parser to consume. auparse_init() must have been called with a source type of AUSOURCE_FEED and a
NULL pointer.
The parser consumes as much data as it can invoking a user supplied callback specified with auparse_add_callback with a cb_event_type of
AUPARSE_CB_EVENT_READY each time the parser recognizes a complete event in the data stream. Data not fully parsed will persist and be
prepended to the next feed data. After all data has been feed to the parser auparse_flush_feed should be called to signal the end of input
data and flush any pending parse data through the parsing system.
EXAMPLE
void
auparse_callback(auparse_state_t *au, auparse_cb_event_t cb_event_type,
void *user_data)
{
int *event_cnt = (int *)user_data;
if (cb_event_type == AUPARSE_CB_EVENT_READY) {
if (auparse_first_record(au) <= 0) return;
printf("event: %d
", *event_cnt);
printf("records:%d
", auparse_get_num_records(au));
do {
printf("fields:%d
", auparse_get_num_fields(au));
printf("type=%d ", auparse_get_type(au));
const au_event_t *e = auparse_get_timestamp(au);
if (e == NULL) return;
printf("event time: %u.%u:%lu
",
(unsigned)e->sec, e->milli, e->serial);
auparse_first_field(au);
do {
printf("%s=%s (%s)
", auparse_get_field_name(au),
auparse_get_field_str(au),
auparse_interpret_field(au));
} while (auparse_next_field(au) > 0);
printf("
");
} while(auparse_next_record(au) > 0);
(*event_cnt)++;
}
}
main(int argc, char **argv)
{
char *filename = argv[1];
FILE *fp;
char buf[256];
size_t len;
int *event_cnt = malloc(sizeof(int));
au = auparse_init(AUSOURCE_FEED, 0);
*event_cnt = 1;
auparse_add_callback(au, auparse_callback, event_cnt, free);
if ((fp = fopen(filename, "r")) == NULL) {
fprintf(stderr, "could not open '%s', %s0, filename, strerror(errno));
return 1;
}
while ((len = fread(buf, 1, sizeof(buf), fp))) {
auparse_feed(au, buf, len);
}
auparse_flush_feed(au);
}
RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success.
SEE ALSO auparse_add_callback(3), auparse_flush_feed(3)AUTHOR
John Dennis
Red Hat May 2007 AUPARSE_FEED(3)
Hi everyone,
I know the following questions are noobish questions but I am asking them because I am confused about the basics of history behind UNIX and LINUX.
Ok onto business, my questions are-:
Was/Is UNIX ever an open source operating system ?
If UNIX was... (21 Replies)
Hello and thanks in advance for any help anyone can offer me
I'm trying to learn the find command and thought I was understanding it... Apparently I was wrong. I was doing compound searches and I started getting weird results with the -size test. I was trying to do a search on a 1G file owned by... (14 Replies)
hi all,
i have installed quota on my centos 7 machine and its what im after (setting size limit on users, so they cant fill the hard drive)
i want to now make this part of my create user script for my sftp server so i want to do a echo and a read command so i capture the limit they enter... (0 Replies)
Hi everybody,
Which Unix base OS have best performance for HOST virtualization?
I tested SmartOS but it needs another OS to connect remotely!
Thanks in advance. (11 Replies)
Hi All,
I need to write a shell script which opens a file and increments the version(text) within the file every time the script runs. For example:
$ cat docker_file.yml
version: '3.1'
services:
ui:
image: repo-srv.dev.io:5000/facebook/ui:0.0.2-QA1
$
So, I would like... (6 Replies)
Dear Team
We use DB2 v10.5 and using DBArtisan tool
Can someone please guide how to convert digits to binary numbers using db2 feature.
Ex> for number 9 , binary should be 1001 ( 8+1)
Any help appreciated. Thanks (2 Replies)
hi folks,
how to using tar with exclude directory and compress it using tar.Z
i only know how to exclude dir only with this command below:
tar -cvf /varios/restore/test.tar -X excludefile.txt /jfma/test1/
how to compress it using 1 command?
Thanx
Please use CODE tags as... (6 Replies)
Quite an obscure question I think.
We have a rebuild process for remote sites that allows us to PXE rebuild a till (actually a PC with a touch screen and various fancy bits) running CentOS. The current CentOS5 tills work just fine with a tar image restore and some personalisation. Sadly,... (4 Replies)
Hello All,
I had recently learnt a bit of Docker(which provides containerization process).
Here are some of my learning points from it.
Let us start first with very basic question:
What is Docker:
Docker is a platform for sysadmins and developers to DEPLOY, DEVELOP and RUN applications ... (7 Replies)
What is the point of this? Whenever I close my shell it appends to the history file without adding this. I have never seen it overwrite my history file.
# When the shell exits, append to the history file instead of overwriting it
shopt -s histappend (3 Replies)
Hello... And thanks in advance for any help anyone can offer me
I was trying to work out the differences between displaying modify, access, and change times with the 'ls' command. Everything seems in order when I look at files, but the access time on a directory doesn't seem to change when I... (4 Replies)
Hello everyone,
I am having an issue here with CentOS release 6.6 (Final) that shows all of the space used up, but I can't tell where the space went.
Seemingly I am using up 100%, according to
df -h
Filesystem Size Used Avail Use% Mounted on... (27 Replies)
I'm trying to use a bash script for a psych experiment that involves listening to sound files and responding. If I have something like the code below, how can I make sure that a key press is assigned to RESPONSE only after the second echo statement?
for i in 1 2 3; do
echo "Ready?"
sleep 2
... (10 Replies)
After the success of the jq - tool for parsing and manipulating JSON-Data someone wrote a tool called yq, which aims to be the same for YAML, what jq is for JSON. Seems to work fine. I'll definitely give it a chance in future.
Example YAML-File:
--- !ruby/object:Puppet::Node::Facts
... (1 Reply)
Dear All,
I am very pleased to announce that Dave Munro (gull04) is joining the Moderation Team, after being a very valuable member of UNIX.com for 15+ years.
Dave is an IT Consultant with 30 years of experience this year, has worked in many of the industry vertical market segments and has... (6 Replies)