Skip to content
/ audit_pretty Public

Linux Auditing System logs pretty printer

License

MIT license
11 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

foxcpp/audit_pretty

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

26 Commits
audit_pretty
audit_pretty
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
MANIFEST.in
MANIFEST.in
 
 
README.md
README.md
 
 
pretty.png
pretty.png
 
 
raw.png
raw.png
 
 
setup.py
setup.py
 
 

Repository files navigation

[WIP] audit-pretty

Linux Auditing System log files pretty printer.

Screenshot of raw log Screenshoot of log processed by this script

Installation

You can run script directly from repository: python3 -m audit_pretty ARGS... or install it to system directory: pip3 install audit_pretty.

Usage

You need only Python 3 for this script to work.

sudo dmesg | audit-pretty

sudo cat /var/log/audit/audit.log | audit-pretty

It works correctly with dmesg -w so you can watch live log in readable format!

sudo dmesg -w | audit-pretty

There are bunch of useful options you may want to use, check out audit-pretty -h!

Room for improvement

  • Don't use colors (--no-colors)
  • Filter by time (--since, --until)
  • Handle more than just AppArmor violations
  • Verbose option to include more info (-v, --verbose)
  • Filter message types (-e, --exclude, --only)
  • Merge repeated messages (useful for policy debugging) (--merge)

About

Linux Auditing System logs pretty printer

Topics

security linux-audit linux-security

Resources

Readme

License

MIT license
Activity

Stars

11 stars

Watchers

3 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

No packages published

Languages