ivuorinen/cheatsheet-tldr
1
0
Fork 0
mirror of https://github.com/ivuorinen/cheatsheet-tldr.git synced 2026-02-18 09:49:50 +00:00
Code Issues Packages Projects Releases Wiki Activity

Update cheatsheets

Browse Source
This commit is contained in:
ivuorinen
2025-10-08 00:19:16 +00:00
parent 4102fec4f8
commit 52f5647220
45 changed files with 1002 additions and 38 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
tldr/linux/ausearch Normal file
View File

@@ -0,0 +1,39 @@
---
syntax: markdown
tags: [tldr, linux]
source: https://github.com/tldr-pages/tldr.git
---
# ausearch
> Query the Linux audit log for events.
> Part of the `audit` package.
> See also: `audit2why`, `audit2allow`, `aureport`.
> More information: <https://manned.org/ausearch>.
- Search for all SELinux AVC denial events:
`sudo ausearch {{[-m|--message]}} avc`
- Search for events related to a specific executable:
`sudo ausearch {{[-c|--comm]}} {{httpd}}`
- Search for events from a specific user:
`sudo ausearch {{[-ui|--uid]}} {{1000}}`
- Search for events in the last 10 minutes:
`sudo ausearch {{[-ts|--start]}} recent`
- Search for failed login attempts:
`sudo ausearch {{[-m|--message]}} user_login {{[-sv|--success]}} no`
- Search for events related to a specific file:
`sudo ausearch {{[-f|--file]}} {{path/to/file}}`
- Display results in raw format for further processing:
`sudo ausearch {{[-m|--message]}} avc --raw`