Skip to main content

auditd.rule.syscall

Description

auditd (Linux Audit Daemon) rule for a syscall

Fields

IDTYPEDESCRIPTION
actionstringthe action specified by -a
liststringthe list, the second value specified by -a
syscalls[]stringthe list of syscalls that this rule matches specified by -S
fields[]dictall field entries as raw values as specified by -F
keynamestringthe key name for related rules as specified by -k