1seaudit(8) System Manager's Manual seaudit(8)
2
6 seaudit - SELinux graphical audit log analysis tool
7
9 seaudit [OPTIONS] [POLICY ...]
10
12 seaudit allows the user to view and filter the contents of a log file.
13 seaudit supports the syslog and auditd log formats and provides queries
14 to inspect the SELinux policy based on log messages.
15
17 seaudit supports loading a SELinux policy in one of four formats.
18 source A single text file containing policy source for versions 12
20 through 21. This file is usually named policy.conf.
21 binary A single file containing a monolithic kernel binary policy for
23 versions 15 through 21. This file is usually named by version -
24 for example, policy.20.
25 modular
27 A list of policy packages each containing a loadable policy mod‐
28 ule. The first module listed must be a base module.
29 policy list
31 A single text file containing all the information needed to load
32 a policy, usually exported by SETools graphical utilities.
33 If no policy file is provided, seaudit will search for the system
35 default policy: checking first for a source policy, next for a binary
36 policy matching the running kernel's preferred version, and finally for
37 the highest version that can be found. If no policy can be found,
38 seaudit will begin with no policy loaded.
39
41 -l FILE, --log=FILE
42 Upon startup, open the log FILE instead of the system log file.
43 -h, --help
45 Print help information and exit.
46 -V, --version
48 Print version information and exit.
49
51 This manual page was written by Jeremy A. Mowery <jmowery@tresys.com>.
52
54 Copyright(C) 2006-2007 Tresys Technology, LLC
55
57 Please report bugs via an email to setools-bugs@tresys.com.
58
60 seaudit-report(8)
61 seaudit(8)