foxcpp/audit_pretty

[WIP] audit-pretty

Linux Auditing System log files pretty printer.

[Screenshot of raw log] [Screenshot of log processed by this script]

Installation

You can run the script directly from the repository: python3 -m audit_pretty ARGS... or install it system-wide: pip3 install audit_pretty.

Usage

You only need Python 3 for this script to work.

sudo dmesg | audit-pretty
sudo cat /var/log/audit/audit.log | audit-pretty

It works correctly with dmesg -w, so you can watch the live log in a readable format!

sudo dmesg -w | audit-pretty

There are a bunch of useful options you may want to use; check out audit-pretty -h!
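The two inputs shown above (dmesg and /var/log/audit/audit.log) prefix the same audit record differently. The following is an added example, not code from audit_pretty, showing one way to parse AppArmor records from either source and count repeated denials while debugging a policy; the function names and the sample lines are constructed for illustration.

```python
import re
from collections import Counter
from datetime import datetime, timezone

# Matches the audit header in both sources: audit.log writes "msg=audit(...)",
# the kernel ring buffer (dmesg) writes "audit: type=1400 audit(...)".
HEADER = re.compile(
    r'type=(?P<type>\w+) (?:msg=)?audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\):')
# key=value or key="quoted value" pairs that follow the header.
FIELD = re.compile(r'(\w+)=("(?:[^"\\]|\\.)*"|\S+)')

def parse_record(line):
    """Return a dict for one AppArmor audit record, or None for other lines."""
    m = HEADER.search(line)
    if m is None:
        return None
    fields = {k: v.strip('"') for k, v in FIELD.findall(line[m.end():])}
    if 'apparmor' not in fields:
        return None  # audit record, but not an AppArmor one
    fields['type'] = m['type']  # "AVC" in audit.log, "1400" in dmesg
    fields['serial'] = int(m['serial'])
    fields['time'] = datetime.fromtimestamp(float(m['ts']), tz=timezone.utc)
    return fields

def merge_denials(lines):
    """Count repeated denials by (profile, operation, name, denied_mask)."""
    counts = Counter()
    for line in lines:
        rec = parse_record(line)
        if rec and rec['apparmor'] == 'DENIED':
            counts[(rec.get('profile'), rec.get('operation'),
                    rec.get('name'), rec.get('denied_mask'))] += 1
    return counts

# Constructed sample input (not captured from a real system).
SAMPLE = [
    'type=AVC msg=audit(1500000000.123:45): apparmor="DENIED" operation="open" '
    'profile="/usr/bin/example" name="/etc/shadow" pid=1234 comm="example" '
    'requested_mask="r" denied_mask="r" fsuid=1000 ouid=0',
    '[ 1234.567890] audit: type=1400 audit(1500000001.456:46): apparmor="DENIED" '
    'operation="open" profile="/usr/bin/example" name="/etc/shadow" pid=1234 '
    'comm="example" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0',
    'type=SYSCALL msg=audit(1500000001.456:47): arch=c000003e syscall=2 success=no',
    '[ 1300.000000] usb 1-1: new high-speed USB device number 2 using xhci_hcd',
]

if __name__ == '__main__':
    for key, n in merge_denials(SAMPLE).items():
        print(f'{n}x', *key)
```
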

Room for improvement

  • Don't use colors (--no-colors)
  • Filter by time (--since, --until)
  • Handle more than just AppArmor violations
  • Verbose option to include more info (-v, --verbose)
  • Filter message types (-e, --exclude, --only)
  • Merge repeated messages (useful for policy debugging) (--merge)
