auditd.rule.syscall
Description
auditd (Linux Audit Daemon) rule for a syscall
Fields
ID | TYPE | DESCRIPTION |
---|---|---|
action | string | the action specified by -a |
list | string | the list, the second value specified by -a |
syscalls | []string | the list of syscalls that this rule matches specified by -S |
fields | []dict | all field entries as raw values as specified by -F |
keyname | string | the key name for related rules as specified by -k |