AUSEARCH_ADD_REGEX
NAMESYNOPSIS
DESCRIPTION
RETURN VALUE
SEE ALSO
AUTHOR
NAME
ausearch_add_regex − use regular expression search rule
SYNOPSIS
#include <auparse.h>
int ausearch_add_regex(auparse_state_t *au, const char *expr);
DESCRIPTION
ausearch_add_regex adds one search condition based on a regular expression to the current audit search expression. The search conditions can then be used to scan logs, files, or buffers for something of interest. The regular expression follows the posix extended regular expression conventions, and is matched against the full record (without interpreting field values).
If an existing search expression E is already defined, this function replaces it by (E && this_regexp).
RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success.
SEE ALSO
ausearch_add_expression(3), ausearch_add_item(3), ausearch_clear(3), ausearch_next_event(3), regcomp(3).
AUTHOR
Steve Grubb
More Linux Commands
manpages/getrpcbynumber.3.html
getrpcbynumber(3) - get RPC entry - Linux manual page.......
The getrpcent(), getrpcbyname(), and getrpcbynumber() functions each return a pointer to an object with the following structure containing the broken-out fields
manpages/find-jar.1.html
find-jar(1) - Small helper script to find a jar or a directo
The find-jar command tests the resolution of a given element. If successful it will return a JAR file or a directory. This command is solely intended for testin
manpages/idcok.3ncurses.html
idcok(3ncurses) - curses output options - Linux manual page
These routines set options that change the style of output within curses. All options are initially FALSE, unless otherwise stated. It is not necessary to turn
manpages/hciattach.1.html
hciattach(1) attach serial devices via UART HCI to BlueZ sta
hciattach.1 - Hciattach is used to attach a serial UART to the Bluetooth stack as HCI transport interface. OPTIONS -b Send break. -n Dont detach from controllin
manpages/XChangeDeviceDontPropagateList.3.html
XChangeDeviceDontPropagateList(3) - query or change the dont
The XChangeDeviceDontPropagateList request modifies the list of events that should not be propagated to ancestors of the event window. This request allows exten
manpages/ggzmod_h.3.html
ggzmod_h(3) - Common functions for interfacing a game server
Common functions for interfacing a game server and GGZ. This file contains all libggzmod functions used by game servers to interface with GGZ (and vice versa).
manpages/Tk_FreeTextLayout.3.html
Tk_FreeTextLayout(3) - routines to measure and display singl
These routines are for measuring and displaying single-font, multi-line, justified text. To measure and display simple single-font, single-line strings, refer t
manpages/form_field_info.3form.html
form_field_info(3form) - retrieve field characteristics.....
The function field_info returns the sizes and other attributes passed in to the field at its creation time. The attributes are: height, width, row of upper-left
manpages/jpegicc.1.html
jpegicc(1) - little cms ICC profile applier for JPEG........
jpegicc.1 - lcms is a standalone CMM engine, which deals with the color management. It implements a fast transformation between ICC profiles. jpegicc is little
manpages/attr_removef.3.html
attr_removef(3) - remove a user attribute of a filesystem ob
The attr_remove and attr_removef functions provide a way to remove previously created attributes from filesystem objects. Path points to a path name for a files
manpages/fread_unlocked.3.html
fread_unlocked(3) - nonlocking stdio functions (Man Page)...
Each of these functions has the same behavior as its counterpart without the _unlocked suffix, except that they do not use locking (they do not set locks themse
manpages/ldap_error.3.html
ldap_error(3) - LDAP protocol error handling routines.......
The ldap_err2string() routine provides short description of the various codes returned by routines in this library. The returned string is a pointer to a static
