aureport

linux

Generate summary reports of auditd logs.

Options (6)

-l, --loginboolean

Generate a summary of login events

Example: sudo aureport {{[-l|--login]}}

-s, --syscallboolean

List all syscall reports

Example: sudo aureport {{[-s|--syscall]}}

-x, --executableboolean

Generate a summary of executable events

Example: sudo aureport {{[-x|--executable]}}

--startboolean

Show a summary of events for a specific time range

Example: sudo aureport {{[-ts|--start]}} {{start_time}} {{[-te|--end]}} {{end_time}}

--endboolean

Show a summary of events for a specific time range

Example: sudo aureport {{[-ts|--start]}} {{start_time}} {{[-te|--end]}} {{end_time}}

-t, --log-timeboolean

List all audit files and the time range of events they cover

Example: sudo aureport {{[-t|--log-time]}}

Display a summary of auditd events

sudo aureport

Generate a summary of login events

sudo aureport [-l|--login]

List all syscall reports

sudo aureport [-s|--syscall]

Generate a summary of executable events

sudo aureport [-x|--executable]

Show a summary of events for a specific time range

sudo aureport [-ts|--start] start_time [-te|--end] end_time

List all audit files and the time range of events they cover

sudo aureport [-t|--log-time]

Display help

aureport --help