seaudit Preferences GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-cancel True GTK_RELIEF_NORMAL True -6 Close True True True gtk-ok True GTK_RELIEF_NORMAL True -5 0 False True GTK_PACK_END True False 0 4 True 0 0.5 GTK_SHADOW_ETCHED_IN True False 0 4 True 2 4 False 4 10 True Policy: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 1 2 fill True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 2 3 0 1 fill True True True True 0 True * False 1 2 0 1 True True Use Current True GTK_RELIEF_NORMAL True 3 4 0 1 fill True Log: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-edit 4 0.5 0.5 0 0 0 False False True Choose... True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 2 3 1 2 fill True True False True 0 True * False 1 2 1 2 True True Use Current True GTK_RELIEF_NORMAL True 3 4 1 2 fill 0 True True 4 True 2 3 False 4 10 True Report Config File: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Report Style Sheet: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 1 2 fill True True True True 0 True * False 1 2 1 2 True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 2 3 0 1 fill True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 2 3 1 2 fill True True True True 0 True * False 1 2 0 1 0 True True True <b>Default Files</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 4 True 0 0.5 GTK_SHADOW_ETCHED_IN 10 True 5 5 False 2 18 True True Source Type True GTK_RELIEF_NORMAL True False False True 1 2 2 3 fill True True Source Role True GTK_RELIEF_NORMAL True False False True 1 2 1 2 fill True True Source User True GTK_RELIEF_NORMAL True False False True 1 2 0 1 fill True True Source MLS Level True GTK_RELIEF_NORMAL True False False True 1 2 3 4 fill True True Source MLS Clearance True GTK_RELIEF_NORMAL True False False True 1 2 4 5 fill True True Date True GTK_RELIEF_NORMAL True False False True 0 1 2 3 fill True True Message True GTK_RELIEF_NORMAL True False False True 0 1 1 2 fill True True Hostname True GTK_RELIEF_NORMAL True False False True 0 1 0 1 fill True True Target User True GTK_RELIEF_NORMAL True False False True 2 3 0 1 fill True True Target Role True GTK_RELIEF_NORMAL True False False True 2 3 1 2 fill True True Target Type True GTK_RELIEF_NORMAL True False False True 2 3 2 3 fill True True Target MLS Level True GTK_RELIEF_NORMAL True False False True 2 3 3 4 fill True True Target MLS Clearance True GTK_RELIEF_NORMAL True False False True 2 3 4 5 fill True True Object Class True GTK_RELIEF_NORMAL True False False True 3 4 0 1 fill True True Permission True GTK_RELIEF_NORMAL True False False True 3 4 1 2 fill True True Executable True GTK_RELIEF_NORMAL True False False True 3 4 2 3 fill True True PID True GTK_RELIEF_NORMAL True False False True 4 5 0 1 fill True True Inode True GTK_RELIEF_NORMAL True False False True 4 5 1 2 fill True True Path True GTK_RELIEF_NORMAL True False False True 4 5 2 3 fill True True Other True GTK_RELIEF_NORMAL True False False True 4 5 3 4 fill True True Name True GTK_RELIEF_NORMAL True False False True 3 4 4 5 fill True True Command True GTK_RELIEF_NORMAL True False False True 3 4 3 4 fill True <b>Columns to Display</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 4 True 0 0.5 GTK_SHADOW_ETCHED_IN 10 True 2 1 False 2 18 True False 4 True Log update interval (in milliseconds): False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 53 True Time interval for updating the log in real-time mode True True True 0 True * False 0 True True 0 1 1 2 fill True True Enable real-time monitoring of newly opened log files True GTK_RELIEF_NORMAL True False False True 0 1 0 1 fill True <b>Real-time Monitoring</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 0 True True GDK_POINTER_MOTION_MASK | GDK_ENTER_NOTIFY_MASK | GDK_LEAVE_NOTIFY_MASK GDK_EXTENSION_EVENTS_ALL Find TE Rules GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT False 800 600 True True True False False GDK_WINDOW_TYPE_HINT_NORMAL GDK_GRAVITY_NORTH_WEST True False True False 0 True True True True GTK_POS_TOP False False True 0.5 0.5 1 1 0 0 0 0 True False 0 10 True False 41 True False 0 True True Source type regular expression True GTK_RELIEF_NORMAL True False False True 0 False False True False False True True 0 False False True False True Only show direct matches True GTK_RELIEF_NORMAL True False False True 0 False False 0 True True True False 0 True True Target type regular expression True GTK_RELIEF_NORMAL True False False True 0 False False True False False True True 0 False False True False True Only show direct matches True GTK_RELIEF_NORMAL True False False True 0 False False 0 True True True False 0 True True Object class True GTK_RELIEF_NORMAL True False False True 0 False False True False False True True 0 False False 0 True True 5 True False 5 True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-find 4 0.5 0.5 0 0 0 False False True Find TE Rules True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False True True gtk-close True GTK_RELIEF_NORMAL True 0 False False 0 False False 0 False True True True GTK_POLICY_ALWAYS GTK_POLICY_ALWAYS GTK_SHADOW_ETCHED_IN GTK_CORNER_TOP_LEFT True True GDK_POINTER_MOTION_MASK | GDK_ENTER_NOTIFY_MASK | GDK_LEAVE_NOTIFY_MASK GDK_EXTENSION_EVENTS_ALL False False True GTK_JUSTIFY_LEFT GTK_WRAP_NONE True 0 0 0 0 0 0 0 True True False True True Find TE Rules False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab True True GTK_POLICY_ALWAYS GTK_POLICY_ALWAYS GTK_SHADOW_ETCHED_IN GTK_CORNER_TOP_LEFT True True False False True GTK_JUSTIFY_LEFT GTK_WRAP_NONE True 0 0 0 0 0 0 False True True Policy Source False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab 0 True True True True 0 False False seaudit GTK_WINDOW_TOPLEVEL GTK_WIN_POS_NONE False 950 650 True True True False False GDK_WINDOW_TYPE_HINT_NORMAL GDK_GRAVITY_NORTH_WEST True False True False 0 True GTK_PACK_DIRECTION_LTR GTK_PACK_DIRECTION_LTR True _File True True Open a log file Open _Log True True gtk-open 1 0.5 0.5 0 0 True Open a log from the recent files list Open Recent Log True True True Open a policy Open _Policy True True gtk-open 1 0.5 0.5 0 0 True Open a policy from the recent files list Open Recent Policy True True True Edit startup and display preferences Preferences True True gtk-preferences 1 0.5 0.5 0 0 True True Quit seaudit _Quit True True gtk-quit 1 0.5 0.5 0 0 True _View True True False Create a new default view _New View True True gtk-new 1 0.5 0.5 0 0 True False Open an existing view _Open View... True True gtk-open 1 0.5 0.5 0 0 True False Save the current view _Save View True True gtk-save 1 0.5 0.5 0 0 True False Save the current view as a new file S_ave View As... True True gtk-save-as 1 0.5 0.5 0 0 True True False Modify the current view _Modify View True True gtk-convert 1 0.5 0.5 0 0 True True False Export to a file all messages in the current view _Export Messages... True True False Export to a file selected messages E_xport Selected Messages... True True True False View all fields of the selected message _View Selected Message True True _Search True True False Find TE rules in the loaded policy _Find TE Rules... True True gtk-find 1 0.5 0.5 0 0 True _Tools True True False Create a report from audit messages _Create Report... True True True False Enable or disable real-time monitoring of log file _Monitor Log True False True False Clear all messages from the current view C_lear View True True _Help True True _Help True True gtk-help 1 0.5 0.5 0 0 True True _About seaudit True True gtk-about 1 0.5 0.5 0 0 0 False False 5 True False 5 True False Find TE rules in the loaded policy True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-find 4 0.5 0.5 0 0 0 False False True Find TE Rules True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False True False Modify the current view True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-convert 4 0.5 0.5 0 0 0 False False True Modify View True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False True False Toggle the monitor log feature True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-refresh 4 0.5 0.5 0 0 0 False False True Monitor Log True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False True False Clear messages in the current view True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-clear 4 0.5 0.5 0 0 0 False False True Clear View True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False 0 False False 1 True False 0 0 True True True False 0 True Policy: No Policy False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_END 28 False 0 20 False False True Log Messages: No log False False GTK_JUSTIFY_LEFT False False 0.5 0.519999980927 0 0 PANGO_ELLIPSIZE_END 24 False 0 0 False False True Dates: No log False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_END -1 False 0 0 True True True Monitor Status: <span foreground="red">OFF</span> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE 18 False 0 20 False False GTK_PACK_END 0 False True Create Report GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True 760 240 True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-close True GTK_RELIEF_NORMAL True -7 True True True GTK_RELIEF_NORMAL True -5 True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-new 4 0.5 0.5 0 0 0 False False True Create Report True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False True GTK_PACK_END True False 0 8 True 0 0.5 GTK_SHADOW_IN True 0.5 0.5 1 1 0 0 4 4 2 True False 8 True False 0 True True Messages from entire audit log True GTK_RELIEF_NORMAL True True False True 0 False False True True Messages from current view (Does not preserve sort order.) True GTK_RELIEF_NORMAL True False False True ReportWindowAllMessagesRadio 0 False False 0 False False True True Include malformed messages True GTK_RELIEF_NORMAL True False False True 0 False False True <b>Input</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True 8 True 0 0.5 GTK_SHADOW_IN True 0.5 0.5 1 1 0 0 4 4 True False 8 True False 0 True True Plain Text True GTK_RELIEF_NORMAL True False False True 0 False False True True HTML True GTK_RELIEF_NORMAL True False False True ReportWindowTextRadio 0 False False 0 False True True False 0 True False True Use HTML style sheet True GTK_RELIEF_NORMAL True False False True 0 False False 2 True False 7 True False Style sheet file: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True False True True True 0 True * False 0 True True True False True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False 0 True True 0 False True 2 True False 7 True Report config file: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True True True True 0 True * False 0 True True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False 0 False True True <b>Output</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 0 True True Modify View GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-cancel True GTK_RELIEF_NORMAL True -6 True True True gtk-apply True GTK_RELIEF_NORMAL True -10 True True True gtk-ok True GTK_RELIEF_NORMAL True -5 0 False True GTK_PACK_END True False 0 4 True False 4 True View name: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True True True True 0 True * False 0 True True 0 False True 4 True 0 0.5 GTK_SHADOW_ETCHED_IN 5 True False 5 True Show Hide False True 0 False False True messages that match False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True all filters any filter False True 0 False False True <b>Match</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True 4 True 0 0.5 GTK_SHADOW_ETCHED_IN True False 0 4 True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC GTK_SHADOW_NONE GTK_CORNER_TOP_LEFT True True False False False False False False False 0 True True 4 True GTK_BUTTONBOX_START 4 True True True gtk-add True GTK_RELIEF_NORMAL True True False True True gtk-edit True GTK_RELIEF_NORMAL True True False True True gtk-remove True GTK_RELIEF_NORMAL True True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True _Import True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True False True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-save 4 0.5 0.5 0 0 0 False False True E_xport True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False True <b>Filters</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 0 True True Edit Filter GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-close True GTK_RELIEF_NORMAL True -7 0 True True GTK_PACK_END True False 0 4 True 0 0.5 GTK_SHADOW_ETCHED_IN True False 0 4 True False 4 True Filter name: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True True True True 0 True * False 0 True True 0 True True 4 True False 4 True Filter match: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True All Criteria Any Criterion False True 0 False False 0 True True 0 True False 4 349 True True True True GTK_POS_TOP False False 4 True False 5 True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True 5 2 False 4 4 True Source user(s) to filter, comma separated True True True 0 True * False 1 2 1 2 True Source role(s) to filter, comma separated True True True 0 True * False 1 2 2 3 True Source type(s) to filter, comma separated True True True 0 True * False 1 2 0 1 True Source MLS Level(s) to filter, comma separated True True True 0 True * False 1 2 3 4 True Source MLS Clearance(s) to filter, comma separated True True True 0 True * False 1 2 4 5 2 True Select source role(s) True Role: True GTK_RELIEF_NORMAL True 0 1 2 3 fill 2 True Select source user(s) True User: True GTK_RELIEF_NORMAL True 0 1 1 2 fill 2 True Select source type(s) True Type: True GTK_RELIEF_NORMAL True 0 1 0 1 fill 2 True Select source MLS Level(s) True MLS Level: True GTK_RELIEF_NORMAL True 0 1 3 4 fill 2 True Select source MLS Clearance(s) True MLS Clearance: True GTK_RELIEF_NORMAL True 0 1 4 5 fill True <b>Source Context</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True 5 2 False 4 4 2 True Select target type(s) True Type: True GTK_RELIEF_NORMAL True 0 1 0 1 fill 2 True Select target user(s) True User: True GTK_RELIEF_NORMAL True 0 1 1 2 fill 2 True Select target role(s) True Role: True GTK_RELIEF_NORMAL True 0 1 2 3 fill 2 True Select target MLS Level(s) True MLS Level: True GTK_RELIEF_NORMAL True 0 1 3 4 fill 2 True Select target MLS Clearance(s) True MLS Clearance: True GTK_RELIEF_NORMAL True 0 1 4 5 fill True Target type(s) to filter, comma separated True True True 0 True * False 1 2 0 1 True Target user(s) to filter, comma separated True True True 0 True * False 1 2 1 2 True Target role(s) to filter, comma separated True True True 0 True * False 1 2 2 3 True Target MLS Level(s) to filter, comma separated True True True 0 True * False 1 2 3 4 True Target MLS Clearance(s) to filter, comma separated True True True 0 True * False 1 2 4 5 True <b>Target Context</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True False 4 True Select object class(es) True Class: True GTK_RELIEF_NORMAL True 0 False False True Object class(es) to filter, comma separated True True True 0 True * False 0 True True True <b>Object Class</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False False 4 True GTK_BUTTONBOX_START 4 True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-clear 4 0.5 0.5 0 0 0 False False True Clear Tab True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False False True True Context False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab 4 True False 4 True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True 3 2 False 4 4 True IP Address: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Port: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 1 2 fill True Interface: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 2 3 fill True IP Address to filter (match as a glob expression) True True 0 True * False 1 2 0 1 True Port number to match (any of port, source, dest, fport or lport) True True True 0 True * False 1 2 1 2 True Network interface to match (exact string match) True True True 0 True * False 1 2 2 3 True <b>Networking</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True 5 2 False 4 4 True Executable: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Name of executable (match as a glob expression) True True True 0 True * False 1 2 0 1 True Path of target file (match as a glob expression) True True True 0 True * False 1 2 1 2 True Path: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 1 2 fill True Hostname: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 2 3 fill True Host system that generated audit message (match as a glob expression) True True True 0 True * False 1 2 2 3 True Command: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 3 4 fill True Name of command (match as a glob expression) True True True 0 True * False 1 2 3 4 True Message Type: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 4 5 fill True All Messages Only AVC Denied Only AVC Granted False True 1 2 4 5 fill fill True <b>Other</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True 5 True GTK_BUTTONBOX_START 5 True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-clear 4 0.5 0.5 0 0 0 False False True Clear Tab True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False False True True Other False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab 4 True False 4 True True Do not match date and time True GTK_RELIEF_NORMAL True True False True 0 False False True True Match messages before Start True GTK_RELIEF_NORMAL True False False True FilterViewDateNoneRadio 0 False False True True Match messages after Start True GTK_RELIEF_NORMAL True False False True FilterViewDateNoneRadio 0 False False True 0 0 1 1 0 0 20 20 True False 0 0.5 GTK_SHADOW_ETCHED_IN True 0.5 0.5 1 1 0 0 4 4 True False 0 4 True 2 2 True 0 4 True Month: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Day: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 1 2 0 1 fill True True 1 0 True GTK_UPDATE_ALWAYS False False 1 1 31 1 10 10 1 2 1 2 True Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec False True 0 1 1 2 fill fill 0 True True 4 True 2 3 False 0 4 True Hour: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Minute: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 1 2 0 1 fill True Second: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 2 3 0 1 fill True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 23 1 10 10 0 1 1 2 True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 59 1 10 10 1 2 1 2 True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 59 1 10 10 2 3 1 2 0 False False True <b>Start</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False True True True Match messages between Start and End True GTK_RELIEF_NORMAL True False False True FilterViewDateNoneRadio 0 False False True 0 0 1 1 0 0 20 20 True False 0 0.5 GTK_SHADOW_ETCHED_IN True 0.5 0.5 1 1 0 0 4 4 True False 0 4 True 2 2 True 0 4 True Month: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Day: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 1 2 0 1 fill True True 1 0 True GTK_UPDATE_ALWAYS False False 1 1 31 1 10 10 1 2 1 2 True Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec False True 0 1 1 2 fill fill 0 True True 4 True 2 3 False 0 4 True Hour: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 1 0 1 fill True Minute: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 1 2 0 1 fill True Second: False False GTK_JUSTIFY_LEFT False False 0 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 2 3 0 1 fill True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 23 1 10 10 0 1 1 2 True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 59 1 10 10 1 2 1 2 True True 1 0 True GTK_UPDATE_ALWAYS False False 0 0 59 1 10 10 2 3 1 2 0 False False True <b>End</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 False False False True True Date False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab True False 0 True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC GTK_SHADOW_IN GTK_CORNER_TOP_LEFT True True True False True GTK_JUSTIFY_LEFT GTK_WRAP_WORD True 0 0 0 0 0 0 0 True True False True True Notes False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 tab 0 True True 0 True True True Policy Components GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True 600 450 True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-close True GTK_RELIEF_NORMAL True -7 0 False True GTK_PACK_END 4 True False 10 True False 0 True Select items from: False False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_END -1 False 0 0 True True True 0.5 0.5 1 1 0 0 10 0 True False 0 True True Log True GTK_RELIEF_NORMAL True True False True 0 False False True True Policy True GTK_RELIEF_NORMAL True True False True PolicyCompLogRadio 0 False False True True Log and Policy True GTK_RELIEF_NORMAL True True False True PolicyCompLogRadio 0 False False 0 False False 0 False True True False 4 4 True 0 0.5 GTK_SHADOW_ETCHED_IN True False 0 4 True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC GTK_SHADOW_NONE GTK_CORNER_TOP_LEFT True Unselected Items True GDK_ENTER_NOTIFY_MASK False False False True False False False 0 True True 4 True GTK_BUTTONBOX_SPREAD 0 True True True Select All True GTK_RELIEF_NORMAL True True True True Unselect All True GTK_RELIEF_NORMAL True 0 False True True <b>Included Items</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True True 0.5 0.5 1 0.20000000298 0 50 0 0 85 56 True GTK_BUTTONBOX_SPREAD 0 True Add to selected items list True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-go-forward 4 0.5 0.5 0 0 0 False False True True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True True True GTK_RELIEF_NORMAL True True gtk-go-back 4 0.5 0.5 0 0 0 False False 4 True 0 0.5 GTK_SHADOW_ETCHED_IN 4 True False 0 4 True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC GTK_SHADOW_NONE GTK_CORNER_TOP_LEFT True Unselected Items True GDK_ENTER_NOTIFY_MASK False False False True False False False 0 True True 4 True GTK_BUTTONBOX_SPREAD 0 True True True Select All True GTK_RELIEF_NORMAL True True True True Unselect All True GTK_RELIEF_NORMAL True 0 False True True <b>Excluded Items</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 label_item 0 True True 0 True True 0 True True Open Policy GTK_WINDOW_TOPLEVEL GTK_WIN_POS_CENTER_ON_PARENT True 340 360 True True True False False GDK_WINDOW_TYPE_HINT_DIALOG GDK_GRAVITY_NORTH_WEST True False True True False 0 True GTK_BUTTONBOX_END True True True gtk-cancel True GTK_RELIEF_NORMAL True -6 True True True gtk-ok True GTK_RELIEF_NORMAL True -5 0 False True GTK_PACK_END 4 True False 10 True False 0 True <b>Policy Type:</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_END -1 False 0 0 False False True 0.5 0.5 1 1 0 0 10 0 True False 0 True True Monolithic policy True GTK_RELIEF_NORMAL True False False True 0 False False True True Modular policy True GTK_RELIEF_NORMAL True False False True monolithic radio 0 False False 0 True True 0 False True True False 0 True <b>Policy Filename:</b> False True GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_END -1 False 0 0 False False True False 4 True True True True 0 True * False 0 True True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True Browse True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False False 0 True True 0 False True True False False 4 True True GTK_POLICY_AUTOMATIC GTK_POLICY_AUTOMATIC GTK_SHADOW_IN GTK_CORNER_TOP_LEFT True True True False False False False False False 0 True True True GTK_BUTTONBOX_START 8 True True True gtk-add True GTK_RELIEF_NORMAL True True False True True gtk-remove True GTK_RELIEF_NORMAL True True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-open 4 0.5 0.5 0 0 0 False False True _Import True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False True True True GTK_RELIEF_NORMAL True True 0.5 0.5 0 0 0 0 0 0 True False 2 True gtk-save 4 0.5 0.5 0 0 0 False False True E_xport True False GTK_JUSTIFY_LEFT False False 0.5 0.5 0 0 PANGO_ELLIPSIZE_NONE -1 False 0 0 False False 0 False True 0 True True 0 True True