> Does anybody knows how to get the audit records from a program in C ? > I know there are some system calls like audit(), getaudit(),..., and some > structs of audit records but I don't know how to use them. Is there any > information available ? -------------------------------------------------------------------------- From: Mansour Esmaili <mansour@osiris.cs.uow.edu.au> Date: Tue, 11 Jun 1996 17:35:36 +1000 (EST) Try manual pages for audit.log and also have a look at audit.h header file which is usually in /usr/include/sys directory. These have structures which tell you how the audit data is stored in audit.log files. Hope this helps. -------------------------------------------------------------------------- Date: Tue, 11 Jun 1996 15:58:46 +0100 From: amo@info.fundp.ac.be (Aziz MOUNJI) Hi Celestino, as far as I know, there is an interface for writing to the BSM log files but there are no interface for reading the next record from log. You must write one by hand. However, the document "SunSHIELD Basic Security Module Guide" provides a comprehensive description of the binary layout of BSM logs. I've implemented such thing as part of a program to convert BSM logs to ASAX internal format (NADF). Aziz. -- +---------------------+--------------------------------------------------+ | ____ ___ | Justin Lister ruf@cs.uow.edu.au | | | \\ /\ __\ | Center for Computer Security Research | | | |) / \_/ / |_ | Dept. Computer Science voice: 61-42-214-327| | | _ \\ /| _/ | University of Wollongong fax: 61-42-214-329| | |_/ \/ \_/ |_| (tm) | LiNuX- iNTEL justification. mobile: 61-0412139269| | | Computer Security a utopian dream... | +---------------------+--------------------------------------------------+