Sophie: logwatch-7.3.6-55.fc13 src

logwatch-7.3.6-55.fc13.src.rpm

Info
Deps
Files
Scripts
ChangeLog
Location
Others versions
Analyse

--- logwatch-7.3.6/scripts/services/audit.pom	2007-02-16 04:25:17.000000000 +0100
+++ logwatch-7.3.6/scripts/services/audit	2007-07-04 12:15:55.000000000 +0200
@@ -82,7 +82,8 @@ while ($ThisLine = <STDIN>) {
 	( $ThisLine =~ /: user pid=[0-9]+ uid=[0-9]+ auid=[0-9]+ subj=system_u:system_r:system_dbusd_t:[0-9a-z]+ msg=/) or
 	( $ThisLine =~ /audit\([0-9.]+:[0-9]+\): (selinux=[0-9]+|auid=[0-9]+|prom=[0-9]+|old_prom=[0-9]+|dev=[^ ]+| )+$/) or
         ( $ThisLine =~ /auditd[ ]+S [0-9A-F]+  [0-9]+  [0-9]+[ ]+[0-9]([ ]*[0-9]+[ ]*|[ ]*)[0-9]+  [0-9]+ \(NOTLB\)/) or
-        ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/)
+        ( $ThisLine =~ /Started dispatcher: \/sbin\/audispd pid: [0-9]+/) or
+        ( $ThisLine =~ /audit\([0-9.]*:[0-9]*\): bool=.* val=.* old_val=.* auid=[0-9]*/)
     ) { 
 	# Ignore these entries
     } elsif ( $ThisLine =~ /audit\([0-9]{10}.[0-9]{3}:[0-9]\): initialized$/) {