blob: 1c3eb2ec9a56b15a86edf3521caed99a7cc0c205 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
|
.TH seaudit 8
.SH NAME
seaudit \- SELinux graphical audit log analysis tool
.SH SYNOPSIS
.B seaudit
[OPTIONS] [POLICY ...]
.SH DESCRIPTION
.PP
.B seaudit
allows the user to view and filter the contents of a log file.
.B seaudit
supports the syslog and auditd log formats and provides queries to inspect the SELinux policy based on log messages.
.SH POLICY
.PP
.B
seaudit
supports loading a SELinux policy in one of four formats.
.IP "source"
A single text file containing policy source for versions 12 through 21. This file is usually named policy.conf.
.IP "binary"
A single file containing a monolithic kernel binary policy for versions 15 through 21. This file is usually named by version - for example, policy.20.
.IP "modular"
A list of policy packages each containing a loadable policy module. The first module listed must be a base module.
.IP "policy list"
A single text file containing all the information needed to load a policy, usually exported by SETools graphical utilities.
.PP
If no policy file is provided,
.B
seaudit
will search for the system default policy: checking first for a source policy, next for a binary policy matching the running kernel's preferred version, and finally for the highest version that can be found.
If no policy can be found,
.B
seaudit
will begin with no policy loaded.
.SH OPTIONS
.IP "-l FILE, --log=FILE"
Upon startup, open the log FILE instead of the system log file.
.IP "-h, --help"
Print help information and exit.
.IP "-V, --version"
Print version information and exit.
.SH AUTHOR
This manual page was written by Jeremy A. Mowery <jmowery@tresys.com>.
.SH COPYRIGHT
Copyright(C) 2006-2007 Tresys Technology, LLC
.SH BUGS
Please report bugs via an email to setools-bugs@tresys.com.
.SH SEE ALSO
seaudit-report(8)
|
