NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | SEE ALSO | AUTHOR | COLOPHON |
|
|
AUSEARCH_CUR_EVENT(3) Linux Audit API AUSEARCH_CUR_EVENT(3)
ausearch_cur_event - check if the current event meets search criteria
#include <auparse.h> int ausearch_cur_event(auparse_state_t *au);
ausearch_cur_event will scan the input source and evaluate whether any record in the current event contains the data being searched for. Evaluation is done at the record level. If a match is found, the cursor is repositioned; otherwise, it remains on the last successfully parsed record within the current event.
Returns -1 if an error occurs, 0 if no matches, and 1 for success.
ausearch_add_item(3), ausearch_add_regex(3), ausearch_next_event(3), ausearch_set_stop(3).
Attila Lakatos
This page is part of the audit (Linux Audit) project.
Information about the project can be found at
⟨http://people.redhat.com/sgrubb/audit/⟩. If you have a bug
report for this manual page, send it to [email protected].
This page was obtained from the project's upstream Git repository
⟨https://github.com/linux-audit/audit-userspace.git⟩ on
2024-06-14. (At that time, the date of the most recent commit
that was found in the repository was 2024-06-12.) If you
discover any rendering problems in this HTML version of the page,
or you believe there is a better or more up-to-date source for
the page, or you have corrections or improvements to the
information in this COLOPHON (which is not part of the original
manual page), send a mail to [email protected]
Red Hat Feb 2024 AUSEARCH_CUR_EVENT(3)
Pages that refer to this page: ausearch_add_expression(3), ausearch_add_interpreted_item(3), ausearch_add_item(3), ausearch_add_regex(3), ausearch_add_timestamp_item(3), ausearch_add_timestamp_item_ex(3), ausearch_set_stop(3)