Zdenek,
Would you please give a sample to run research to find out arch? Thanks.
---henry
On Thu, Jun 1, 2023, 00:48 Zdenek Pytela zpytela@redhat.com wrote:
On Wed, May 31, 2023 at 9:47 PM Henry Zhang henryzhang62@gmail.com wrote:
Hi folks,
I want to analyze audit.log and see arch=c00000b7 syscall=35
Where can I find what c00000b7 and 35 mean respectively for arm64 device?
Hi,
You'd better use the ausearch/aureport commands with the -i switch to interpret them.
--
Zdenek Pytela Security SELinux team