Manual Reference Pages - AU_IO (3)
- perform I/O involving an audit record
au_fetch_tok tokenstr_t *tok u_char *buf int len
FILE *outfp tokenstr_t *tok char *del char raw char sfrm
au_read_rec FILE *fp u_char **buf
These interfaces support input and output (I/O) involving audit records,
internalizing an audit record from a byte stream, converting a token to
either a raw or default string, and reading a single record from a file.
reads a token from the passed buffer
bytes, and returns a pointer to the token via
prints a string form of the token
to the file output stream
either in default mode, or raw mode if
is set non-zero.
is used when printing.
reads an audit record from the file stream
and returns an allocated memory buffer containing the record via
which must be freed by the caller using
A typical use of these routines might open a file with
then read records from the file sequentially by calling
Each record would be broken down into components tokens through sequential
on the buffer, and then invoking
to print each token to an output stream such as
On completion of the processing of each record, a call to
would be used to free the record buffer.
Finally, the source stream would be closed by a call to
return 0 on success, or -1 on failure along with additional error information
The OpenBSM implementation was created by McAfee Research, the security
division of McAfee Inc., under contract to Apple Computer, Inc., in 2004.
It was subsequently adopted by the TrustedBSD Project as the foundation for
the OpenBSM distribution.
This software was created by
.An Robert Watson ,
.An Wayne Salamon ,
.An Suresh Krishnaswamy
for McAfee Research, the security research division of McAfee,
Inc., under contract to Apple Computer, Inc.
The Basic Security Module (BSM) interface to audit records and audit event
stream format were defined by Sun Microsystems.
may not always be properly set in the event of an error.
Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.