CentOS 7.0 - man page for audit_set_enabled (centos section 3)
|Linux & Unix Commands - Search Man Pages
AUDIT_SET_ENABLED(3) Linux Audit API AUDIT_SET_ENABLED(3)
audit_set_enabled - Enable or disable auditing
int audit_set_enabled (int fd, int enabled);
audit_set_enabled is used to control whether or not the audit system is active. When the
audit system is enabled (enabled set to 1), every syscall will pass through the audit sys-
tem to collect information and potentially trigger an event.
If the audit system is disabled (enabled set to 0), syscalls do not enter the audit system
and no data is collected. There may be some events generated by MAC subsystems like SE
Linux even though the audit system is disabled. It is possible to suppress those events,
too, by adding an audit rule with flags set to AUDIT_FILTER_TYPE.
The return value is <= 0 on error, otherwise it is the netlink sequence id number. This
function can have any error that sendto would encounter.
Red Hat Oct 2006 AUDIT_SET_ENABLED(3)
All times are GMT -4. The time now is 01:56 AM.