Troglodyne-Internet-Widgets / Audit-Log-perl

Perl parser of auditd logs
MIT License

Feature: add filter by CWD, exe and comm #1

Closed teodesian closed 2 years ago

teodesian commented 2 years ago

Most PATH entries are preceded by CWD entries. exe and comm are part of the SYSCALL field.
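
The correlation described in the comment above, as an added example that is not part of the issue or of the Audit-Log-perl code: records are grouped by their `msg=audit(timestamp:serial)` id so that a PATH entry can be filtered by the `cwd` of its CWD record and the `exe`/`comm` of its SYSCALL record. The log lines are constructed, and `parse_events` and `filter_paths` are hypothetical names used only here.

```perl
#!/usr/bin/env perl
# Added example: stand-alone sketch, not the Audit::Log module's API.
use strict;
use warnings;

# Constructed sample records (not taken from a real host).
my @lines = (
    'type=SYSCALL msg=audit(1700000000.123:101): syscall=257 pid=4242 comm="cat" exe="/usr/bin/cat"',
    'type=CWD msg=audit(1700000000.123:101): cwd="/root"',
    'type=PATH msg=audit(1700000000.123:101): item=0 name="/etc/shadow" nametype=NORMAL',
    'type=SYSCALL msg=audit(1700000001.456:102): syscall=257 pid=4250 comm="vi" exe="/usr/bin/vi"',
    'type=CWD msg=audit(1700000001.456:102): cwd="/home/alice"',
    'type=PATH msg=audit(1700000001.456:102): item=0 name="notes.txt" nametype=NORMAL',
);

# Group records by event id; every record of one event carries the same id.
# Hex-encoded (unquoted) values are kept as-is; decoding them is not handled here.
sub parse_events {
    my (%events, @order);
    for my $line (@_) {
        my ($type, $id, $rest) =
            $line =~ /^type=(\S+) msg=audit\(([\d.]+:\d+)\):\s*(.*)$/ or next;
        my %f;
        while ($rest =~ /(\w+)=(?:"([^"]*)"|(\S+))/g) {
            $f{$1} = defined $2 ? $2 : $3;
        }
        push @order, $id unless $events{$id};
        push @{ $events{$id}{$type} }, \%f;
    }
    return map { $events{$_} } @order;
}

# Return "cwd: name" for each PATH record of events matching every filter key.
# exe and comm are read from the SYSCALL record, cwd from the CWD record.
sub filter_paths {
    my ($filter, @events) = @_;
    my @hits;
    for my $ev (@events) {
        my $sc  = $ev->{SYSCALL}[0] || {};
        my $cwd = $ev->{CWD}[0]     || {};
        my %seen = (exe => $sc->{exe}, comm => $sc->{comm}, cwd => $cwd->{cwd});
        next if grep { !defined $seen{$_} || $seen{$_} ne $filter->{$_} } keys %$filter;
        push @hits, map { ($seen{cwd} // '?') . ": $_->{name}" } @{ $ev->{PATH} || [] };
    }
    return @hits;
}

print "$_\n" for filter_paths({ exe => '/usr/bin/cat', cwd => '/root' }, parse_events(@lines));
```

An event that lacks a SYSCALL or CWD record never matches a filter on the missing field, so it is dropped rather than reported with a guessed value.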