1AUSEARCH_ADD_REGEX(3)           Linux Audit API          AUSEARCH_ADD_REGEX(3)
2
3
4

NAME

6       ausearch_add_regex - use regular expression search rule
7

SYNOPSIS

9       #include <auparse.h>
10
11       int ausearch_add_regex(auparse_state_t *au, const char *expr);
12
13

DESCRIPTION

15       ausearch_add_regex adds one search condition based on a regular expres‐
16       sion to the current audit search expression. The search conditions  can
17       then be used to scan logs, files, or buffers for something of interest.
18       The regular expression follows the posix  extended  regular  expression
19       conventions, and is matched against the full record (without interpret‐
20       ing field values).
21
22       If an existing search expression E is already  defined,  this  function
23       replaces it by (E && this_regexp).
24
25

RETURN VALUE

27       Returns -1 if an error occurs; otherwise, 0 for success.
28
29

SEE ALSO

31       ausearch_add_expression(3),   ausearch_add_item(3),  ausearch_clear(3),
32       ausearch_next_event(3), regcomp(3).
33
34

AUTHOR

36       Steve Grubb
37
38
39
40Red Hat                            Sept 2007             AUSEARCH_ADD_REGEX(3)
Impressum