audit.py - OpenGrok cross reference for /external/selinux/python/sepolgen/src/sepolgen/audit.py

Lines Matching full:audit
29     """Obtain all of the avc and policy load messages from the audit
34        string contain all of the audit messages returned by ausearch.
51     """Obtain all of the avc and policy load messages from the audit
56        string contain all of the audit messages returned by ausearch.
69        string contain all of the audit messages returned by dmesg.
78 # Classes representing audit messages
81     """Base class for all objects representing audit messages.
83     AuditMessage is a base class for all audit messages and only
93         an audit message.
101                 if msg[:6] == "audit(":
113     """Class representing invalid audit messages. This is used to differentiate
114     between audit messages that aren't recognized (that should return None from
115     the audit message parser) and a message that is recognized but is malformed
157     An example audit message generated from the audit daemon looks like (line breaks
159        'type=AVC msg=audit(1155568085.407:10877): avc:  denied  { search } for
164     An example audit message stored in syslog (not processed by the audit daemon - line
166        'Sep 12 08:26:43 dhcp83-5 kernel: audit(1158064002.046:4): avc:  denied  { read }
287     """Audit message indicating that the policy was reloaded."""
292     """Audit message indicating that a daemon was started."""
304     """Audit message indicating that a sid was not valid.
335 # Parser for audit messages
338     """Parser for audit messages.
340     This class parses audit messages and stores them according to their message
341     type. This is not a general purpose audit message parser - it only extracts
344     Each audit messages are stored in one of four lists:
372     # Low-level parsing function - tries to determine if this audit
379     #   None - no recognized audit message found in this line
384     #      and valid audit message.
434             # by init is not stored in the audit log.
447         # Group by audit header
457     # the audit system.
484         """Parse a string containing audit messages - messages should
502            audit logs parsed by this object.
512         """Convert the audit logs access into a an access vector set.
514         Convert the audit logs into an access vector set, optionally
526            audit logs parsed by this object.