Audit-Log
view release on metacpan or search on metacpan
t/audit.log view on Meta::CPAN
type=DAEMON_START msg=audit(1642441164.434:3761): op=start ver=3.0 format=enriched kernel=5.11.0-46-generic auid=4294967295 pid=11481 uid=0 ses=4294967295 subj=unconfined res=success
AUID="unset" UID="root"
type=CONFIG_CHANGE msg=audit(1642441164.443:60): op=set audit_backlog_limit=8192 old=64 auid=4294967295 ses=4294967295 subj=unconfined res=1
AUID="unset"
type=SYSCALL msg=audit(1642441164.443:60): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffc575f77c0 a2=3c a3=0 items=0 ppid=11484 pid=11494 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 com...
type=PROCTITLE msg=audit(1642441164.443:60): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573
type=CONFIG_CHANGE msg=audit(1642441164.443:61): op=set audit_failure=1 old=1 auid=4294967295 ses=4294967295 subj=unconfined res=1
AUID="unset"
type=SYSCALL msg=audit(1642441164.443:61): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffc575f77c0 a2=3c a3=0 items=0 ppid=11484 pid=11494 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 com...
type=PROCTITLE msg=audit(1642441164.443:61): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573
type=CONFIG_CHANGE msg=audit(1642441164.443:62): op=set audit_backlog_wait_time=60000 old=15000 auid=4294967295 ses=4294967295 subj=unconfined res=1
AUID="unset"
type=SYSCALL msg=audit(1642441164.443:62): arch=c000003e syscall=44 success=yes exit=60 a0=3 a1=7ffc575f77c0 a2=3c a3=0 items=0 ppid=11484 pid=11494 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 com...
type=PROCTITLE msg=audit(1642441164.443:62): proctitle=2F7362696E2F617564697463746C002D52002F6574632F61756469742F61756469742E72756C6573
type=SERVICE_START msg=audit(1642441164.443:63): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=auditd comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="unset"
type=SERVICE_START msg=audit(1642441165.947:64): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=packagekit comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="unset"
type=USER_END msg=audit(1642441166.771:65): pid=11275 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=...
type=CRED_DISP msg=audit(1642441166.771:66): pid=11275 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID=...
type=USER_ACCT msg=audit(1642441188.763:67): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AU...
type=USER_CMD msg=audit(1642441188.763:68): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/testpath" cmd=736572766963652061756469746420737461747573 exe="/usr/bin/sudo" terminal=pts/1 res=success'
UID="doge" AUID="unset"
type=CRED_REFR msg=audit(1642441188.763:69): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="dog...
type=USER_START msg=audit(1642441188.763:70): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=USER_END msg=audit(1642441188.815:71): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=...
type=CRED_DISP msg=audit(1642441188.815:72): pid=11909 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID=...
type=USER_ACCT msg=audit(1642441381.779:73): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AU...
type=USER_CMD msg=audit(1642441381.779:74): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/testpath" cmd=617564697463746C202D77202F686F6D652F646F67652F436F64652F636C69656E742D736372697074732F686F6C6F70687261737469632F626...
type=CRED_REFR msg=audit(1642441381.779:75): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="dog...
type=USER_START msg=audit(1642441381.779:76): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=CONFIG_CHANGE msg=audit(1642441381.779:77): auid=4294967295 ses=4294967295 subj=unconfined op=add_rule key="backupwatch" list=4 res=1
AUID="unset"
type=SYSCALL msg=audit(1642441381.779:77): arch=c000003e syscall=44 success=yes exit=1120 a0=4 a1=7ffda0f363e0 a2=460 a3=0 items=0 ppid=12068 pid=12069 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts1 ses=4294967295 co...
type=PROCTITLE msg=audit(1642441381.779:77): proctitle=617564697463746C002D77002F686F6D652F646F67652F436F64652F636C69656E742D736372697074732F686F6C6F70687261737469632F6261636B757073002D700077617278002D6B006261636B75707761746368
type=USER_END msg=audit(1642441381.783:78): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=...
type=CRED_DISP msg=audit(1642441381.783:79): pid=12068 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID=...
type=SYSCALL msg=audit(1642441391.567:80): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7ffe41a5b831 a2=941 a3=1b6 items=2 ppid=3354 pid=12075 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1...
type=CWD msg=audit(1642441391.567:80): cwd="/testpath"
type=PATH msg=audit(1642441391.567:80): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441391.567:80): item=1 name="backups/test.txt" inode=10881960 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642441391.567:80): proctitle=746F756368006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642441402.623:81): arch=c000003e syscall=316 success=yes exit=0 a0=ffffff9c a1=7ffe4b295824 a2=ffffff9c a3=7ffe4b295835 items=4 ppid=3354 pid=12083 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgi...
type=CWD msg=audit(1642441402.623:81): cwd="/testpath"
type=PATH msg=audit(1642441402.623:81): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441402.623:81): item=1 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441402.623:81): item=2 name="backups/test.txt" inode=10881960 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441402.623:81): item=3 name="backups/testme.txt" inode=10881960 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642441402.623:81): proctitle=6D76006261636B7570732F746573742E747874006261636B7570732F746573746D652E747874
type=SYSCALL msg=audit(1642441406.575:82): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=7fffb180d831 a2=941 a3=1b6 items=2 ppid=3354 pid=12087 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1...
type=CWD msg=audit(1642441406.575:82): cwd="/testpath"
type=PATH msg=audit(1642441406.575:82): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441406.575:82): item=1 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642441406.575:82): proctitle=746F756368006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642441412.975:83): arch=c000003e syscall=263 success=yes exit=0 a0=ffffff9c a1=55ca3d8054d0 a2=0 a3=0 items=2 ppid=3354 pid=12093 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 ...
type=CWD msg=audit(1642441412.975:83): cwd="/testpath"
type=PATH msg=audit(1642441412.975:83): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642441412.975:83): item=1 name="backups/testme.txt" inode=10881960 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642441412.975:83): proctitle=726D006261636B7570732F746573746D652E747874
type=SYSCALL msg=audit(1642441419.063:84): arch=c000003e syscall=268 success=yes exit=0 a0=ffffff9c a1=55b8e9c09500 a2=1fd a3=49 items=1 ppid=3354 pid=12097 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=10...
type=CWD msg=audit(1642441419.063:84): cwd="/testpath"
type=PATH msg=audit(1642441419.063:84): item=0 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100664 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642441419.063:84): proctitle=63686D6F64002B78006261636B7570732F746573742E747874
type=USER_ACCT msg=audit(1642441428.163:85): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AU...
type=USER_CMD msg=audit(1642441428.163:86): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/testpath" cmd="aureport" exe="/usr/bin/sudo" terminal=pts/1 res=success'
UID="doge" AUID="unset"
type=CRED_REFR msg=audit(1642441428.163:87): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="dog...
type=USER_START msg=audit(1642441428.163:88): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=USER_END msg=audit(1642441428.167:89): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=...
type=CRED_DISP msg=audit(1642441428.167:90): pid=12106 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID=...
type=USER_ACCT msg=audit(1642441461.555:91): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AU...
type=USER_CMD msg=audit(1642441461.555:92): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/testpath" cmd=6C657373202F7661722F6C6F672F61756469742F61756469742E6C6F67 exe="/usr/bin/sudo" terminal=pts/1 res=success'
UID="dog...
type=CRED_REFR msg=audit(1642441461.555:93): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="dog...
type=USER_START msg=audit(1642441461.555:94): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=USER_ACCT msg=audit(1642441501.679:95): pid=12164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="unse...
type=CRED_ACQ msg=audit(1642441501.679:96): pid=12164 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="...
type=LOGIN msg=audit(1642441501.679:97): pid=12164 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=21 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642441501.679:97): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=12164 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=21 comm="cron" ex...
type=PROCTITLE msg=audit(1642441501.679:97): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642441501.679:98): pid=12164 uid=0 auid=0 ses=21 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=CRED_DISP msg=audit(1642441501.679:99): pid=12164 uid=0 auid=0 ses=21 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642441501.683:100): pid=12164 uid=0 auid=0 ses=21 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=USER_END msg=audit(1642441622.434:101): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=CRED_DISP msg=audit(1642441622.434:102): pid=12157 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID...
type=USER_ACCT msg=audit(1642442084.138:103): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" A...
type=USER_CMD msg=audit(1642442084.138:104): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/home/doge/Code/Audit-Log" cmd=6370202F7661722F6C6F672F61756469742F61756469742E6C6F67202E exe="/usr/bin/sudo" terminal=pts/1 res=...
type=CRED_REFR msg=audit(1642442084.142:105): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="do...
type=USER_START msg=audit(1642442084.142:106): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? termina...
type=USER_END msg=audit(1642442084.142:107): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=CRED_DISP msg=audit(1642442084.142:108): pid=12410 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID...
type=USER_ACCT msg=audit(1642442101.690:109): pid=12416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="uns...
type=CRED_ACQ msg=audit(1642442101.690:110): pid=12416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642442101.690:111): pid=12416 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=22 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642442101.690:111): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=12416 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=22 comm="cron" e...
type=PROCTITLE msg=audit(1642442101.690:111): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642442101.690:112): pid=12416 uid=0 auid=0 ses=22 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642442101.690:113): pid=12416 uid=0 auid=0 ses=22 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642442101.690:114): pid=12416 uid=0 auid=0 ses=22 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=SERVICE_START msg=audit(1642442112.442:115): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="...
type=SERVICE_STOP msg=audit(1642442123.074:116): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="u...
type=USER_ACCT msg=audit(1642442173.990:117): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" A...
type=USER_CMD msg=audit(1642442173.994:118): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/home/doge/Code/Audit-Log" cmd=63686F776E20646F67653A646F67652061756469742E6C6F67 exe="/usr/bin/sudo" terminal=pts/1 res=success'...
type=CRED_REFR msg=audit(1642442173.994:119): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="do...
type=USER_START msg=audit(1642442173.994:120): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? termina...
type=USER_END msg=audit(1642442173.998:121): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_close grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal...
type=CRED_DISP msg=audit(1642442173.998:122): pid=12445 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" AUID...
type=USER_ACCT msg=audit(1642442701.702:123): pid=12757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="uns...
type=CRED_ACQ msg=audit(1642442701.702:124): pid=12757 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642442701.702:125): pid=12757 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=23 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642442701.702:125): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=12757 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=23 comm="cron" e...
type=PROCTITLE msg=audit(1642442701.702:125): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642442701.706:126): pid=12757 uid=0 auid=0 ses=23 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642442701.706:127): pid=12757 uid=0 auid=0 ses=23 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642442701.706:128): pid=12757 uid=0 auid=0 ses=23 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=USER_ACCT msg=audit(1642443301.714:129): pid=12909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="uns...
type=CRED_ACQ msg=audit(1642443301.714:130): pid=12909 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642443301.714:131): pid=12909 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=24 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642443301.714:131): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=12909 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=24 comm="cron" e...
type=PROCTITLE msg=audit(1642443301.714:131): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642443301.714:132): pid=12909 uid=0 auid=0 ses=24 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642443301.714:133): pid=12909 uid=0 auid=0 ses=24 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
t/audit.log view on Meta::CPAN
type=CRED_ACQ msg=audit(1642447801.837:204): pid=14537 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642447801.837:205): pid=14537 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=35 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642447801.837:205): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=14537 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=35 comm="cron" e...
type=PROCTITLE msg=audit(1642447801.837:205): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642447801.837:206): pid=14537 uid=0 auid=0 ses=35 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642447801.837:207): pid=14537 uid=0 auid=0 ses=35 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642447801.837:208): pid=14537 uid=0 auid=0 ses=35 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=SERVICE_START msg=audit(1642447922.357:209): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=anacron comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="unset"
type=SERVICE_STOP msg=audit(1642447922.361:210): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=anacron comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="unset"
type=USER_ACCT msg=audit(1642448101.844:211): pid=14594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="uns...
type=CRED_ACQ msg=audit(1642448101.844:212): pid=14594 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642448101.844:213): pid=14594 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=36 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642448101.844:213): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=14594 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=36 comm="cron" e...
type=PROCTITLE msg=audit(1642448101.844:213): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642448101.844:214): pid=14594 uid=0 auid=0 ses=36 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642448101.844:215): pid=14594 uid=0 auid=0 ses=36 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642448101.844:216): pid=14594 uid=0 auid=0 ses=36 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=USER_ACCT msg=audit(1642448701.852:217): pid=14711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="uns...
type=CRED_ACQ msg=audit(1642448701.852:218): pid=14711 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID=...
type=LOGIN msg=audit(1642448701.852:219): pid=14711 uid=0 subj=unconfined old-auid=4294967295 auid=0 tty=(none) old-ses=4294967295 ses=37 res=1
UID="root" OLD-AUID="unset" AUID="root"
type=SYSCALL msg=audit(1642448701.852:219): arch=c000003e syscall=1 success=yes exit=1 a0=7 a1=7ffdf543f180 a2=1 a3=7fccdc9c1030 items=0 ppid=934 pid=14711 auid=0 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=(none) ses=37 comm="cron" e...
type=PROCTITLE msg=audit(1642448701.852:219): proctitle=2F7573722F7362696E2F43524F4E002D66002D50
type=USER_START msg=audit(1642448701.856:220): pid=14711 uid=0 auid=0 ses=37 subj=unconfined msg='op=PAM:session_open grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? te...
type=CRED_DISP msg=audit(1642448701.856:221): pid=14711 uid=0 auid=0 ses=37 subj=unconfined msg='op=PAM:setcred grantors=pam_permit acct="root" exe="/usr/sbin/cron" hostname=? addr=? terminal=cron res=success'
UID="root" AUID="root"
type=USER_END msg=audit(1642448701.856:222): pid=14711 uid=0 auid=0 ses=37 subj=unconfined msg='op=PAM:session_close grantors=pam_loginuid,pam_env,pam_env,pam_permit,pam_umask,pam_unix,pam_limits acct="root" exe="/usr/sbin/cron" hostname=? addr=? ter...
type=SERVICE_START msg=audit(1642448992.440:223): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="...
type=SERVICE_STOP msg=audit(1642449003.084:224): pid=1 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='unit=NetworkManager-dispatcher comm="systemd" exe="/usr/lib/systemd/systemd" hostname=? addr=? terminal=? res=success'
UID="root" AUID="u...
type=SYSCALL msg=audit(1642449025.700:225): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=556754f22ce0 a2=0 a3=0 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000...
type=CWD msg=audit(1642449025.700:225): cwd="/testpath"
type=PATH msg=audit(1642449025.700:225): item=0 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:225): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:226): arch=c000003e syscall=89 success=no exit=-22 a0=7ffc7917e020 a1=7ffc7917f080 a2=fff a3=21 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsg...
type=CWD msg=audit(1642449025.700:226): cwd="/testpath"
type=PATH msg=audit(1642449025.700:226): item=0 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:226): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:227): arch=c000003e syscall=257 success=yes exit=4 a0=ffffff9c a1=5567551b4090 a2=c2 a3=180 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1...
type=CWD msg=audit(1642449025.700:227): cwd="/testpath"
type=PATH msg=audit(1642449025.700:227): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449025.700:227): item=1 name="backups/.test.txt.swp" inode=10881809 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:227): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:228): arch=c000003e syscall=257 success=yes exit=5 a0=ffffff9c a1=556754f238b0 a2=c2 a3=180 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1...
type=CWD msg=audit(1642449025.700:228): cwd="/testpath"
type=PATH msg=audit(1642449025.700:228): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449025.700:228): item=1 name="backups/.test.txt.swx" inode=10881889 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:228): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:229): arch=c000003e syscall=87 success=yes exit=0 a0=556754f238b0 a1=7f0a20d2ccd6 a2=0 a3=1000 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgi...
type=CWD msg=audit(1642449025.700:229): cwd="/testpath"
type=PATH msg=audit(1642449025.700:229): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449025.700:229): item=1 name="backups/.test.txt.swx" inode=10881889 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:229): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:230): arch=c000003e syscall=87 success=yes exit=0 a0=5567551b4090 a1=7f0a20d2ccd6 a2=0 a3=1000 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgi...
type=CWD msg=audit(1642449025.700:230): cwd="/testpath"
type=PATH msg=audit(1642449025.700:230): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449025.700:230): item=1 name="backups/.test.txt.swp" inode=10881809 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:230): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:231): arch=c000003e syscall=257 success=yes exit=4 a0=ffffff9c a1=5567551b4090 a2=200c2 a3=180 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgi...
type=CWD msg=audit(1642449025.700:231): cwd="/testpath"
type=PATH msg=audit(1642449025.700:231): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449025.700:231): item=1 name="backups/.test.txt.swp" inode=10881809 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:231): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:232): arch=c000003e syscall=90 success=yes exit=0 a0=5567551b4090 a1=1a4 a2=556754576420 a3=5567545763a0 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid...
type=CWD msg=audit(1642449025.700:232): cwd="/testpath"
type=PATH msg=audit(1642449025.700:232): item=0 name="backups/.test.txt.swp" inode=10881809 dev=103:02 mode=0100600 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:232): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449025.700:233): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=556754f22ce0 a2=0 a3=0 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000...
type=CWD msg=audit(1642449025.700:233): cwd="/testpath"
type=PATH msg=audit(1642449025.700:233): item=0 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449025.700:233): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:234): arch=c000003e syscall=191 success=no exit=-61 a0=556754f22ce0 a1=7f0a21316000 a2=7ffc7917fd80 a3=84 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgi...
type=CWD msg=audit(1642449028.256:234): cwd="/testpath"
type=PATH msg=audit(1642449028.256:234): item=0 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:234): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:235): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=556754f17500 a2=200c1 a3=81fd items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsg...
type=CWD msg=audit(1642449028.256:235): cwd="/testpath"
type=PATH msg=audit(1642449028.256:235): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:235): item=1 name="backups/4913" inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:235): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:236): arch=c000003e syscall=93 success=yes exit=0 a0=3 a1=3e8 a2=3e8 a3=81fd items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pts2 se...
type=CWD msg=audit(1642449028.256:236): cwd="/testpath"
type=PATH msg=audit(1642449028.256:236): item=0 name=(null) inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:236): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:237): arch=c000003e syscall=87 success=yes exit=0 a0=556754f17500 a1=556754f17500 a2=7ffc79180110 a3=0 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1...
type=CWD msg=audit(1642449028.256:237): cwd="/testpath"
type=PATH msg=audit(1642449028.256:237): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:237): item=1 name="backups/4913" inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:237): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:238): arch=c000003e syscall=87 success=no exit=-2 a0=556754f8a530 a1=556754f8a530 a2=fffffffffffffea0 a3=0 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sg...
type=CWD msg=audit(1642449028.256:238): cwd="/testpath"
type=PATH msg=audit(1642449028.256:238): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:238): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:239): arch=c000003e syscall=82 success=yes exit=0 a0=556754f22ce0 a1=556754f8a530 a2=fffffffffffffea0 a3=0 items=4 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sg...
type=CWD msg=audit(1642449028.256:239): cwd="/testpath"
type=PATH msg=audit(1642449028.256:239): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:239): item=1 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:239): item=2 name="backups/test.txt" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:239): item=3 name="backups/test.txt~" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:239): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.256:240): arch=c000003e syscall=257 success=yes exit=3 a0=ffffff9c a1=556754f22ce0 a2=41 a3=1fd items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1...
type=CWD msg=audit(1642449028.256:240): cwd="/testpath"
type=PATH msg=audit(1642449028.256:240): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.256:240): item=1 name="backups/test.txt" inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=CREATE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.256:240): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.264:241): arch=c000003e syscall=91 success=yes exit=0 a0=3 a1=81fd a2=7ffc7917fe30 a3=0 items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=...
type=CWD msg=audit(1642449028.264:241): cwd="/testpath"
type=PATH msg=audit(1642449028.264:241): item=0 name=(null) inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.264:241): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.264:242): arch=c000003e syscall=188 success=yes exit=0 a0=556754f22ce0 a1=7f0a21316000 a2=5567551ce620 a3=1c items=1 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid...
type=CWD msg=audit(1642449028.264:242): cwd="/testpath"
type=PATH msg=audit(1642449028.264:242): item=0 name="backups/test.txt" inode=10881889 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=NORMAL cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.264:242): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.264:243): arch=c000003e syscall=87 success=yes exit=0 a0=556754f8a530 a1=2d667475 a2=5567544e476b a3=0 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 ...
type=CWD msg=audit(1642449028.264:243): cwd="/testpath"
type=PATH msg=audit(1642449028.264:243): item=0 name="backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.264:243): item=1 name="backups/test.txt~" inode=10881995 dev=103:02 mode=0100775 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.264:243): proctitle=76696D006261636B7570732F746573742E747874
type=SYSCALL msg=audit(1642449028.264:244): arch=c000003e syscall=87 success=yes exit=0 a0=5567551ca560 a1=1 a2=1d a3=1 items=2 ppid=3386 pid=14813 auid=4294967295 uid=1000 gid=1000 euid=1000 suid=1000 fsuid=1000 egid=1000 sgid=1000 fsgid=1000 tty=pt...
type=CWD msg=audit(1642449028.264:244): cwd="/testpath"
type=PATH msg=audit(1642449028.264:244): item=0 name="/testpath/backups/" inode=10879922 dev=103:02 mode=040775 ouid=1000 ogid=1000 rdev=00:00 nametype=PARENT cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PATH msg=audit(1642449028.264:244): item=1 name="/testpath/backups/.test.txt.swp" inode=10881809 dev=103:02 mode=0100644 ouid=1000 ogid=1000 rdev=00:00 nametype=DELETE cap_fp=0 cap_fi=0 cap_fe=0 cap_fver=0 cap_frootid=0
OUID="doge" OGID="doge"
type=PROCTITLE msg=audit(1642449028.264:244): proctitle=76696D006261636B7570732F746573742E747874
type=USER_AUTH msg=audit(1642449044.180:245): pid=14821 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:authentication grantors=pam_permit,pam_cap acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
...
type=USER_ACCT msg=audit(1642449044.180:246): pid=14821 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:accounting grantors=pam_permit acct="doge" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="doge" A...
type=USER_CMD msg=audit(1642449044.180:247): pid=14821 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='cwd="/home/doge/Code/Audit-Log" cmd=6370202F7661722F6C6F672F61756469742F61756469742E6C6F6720742F exe="/usr/bin/sudo" terminal=pts/1 re...
type=CRED_REFR msg=audit(1642449044.180:248): pid=14821 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:setcred grantors=pam_permit,pam_cap acct="root" exe="/usr/bin/sudo" hostname=? addr=? terminal=/dev/pts/1 res=success'
UID="do...
type=USER_START msg=audit(1642449044.180:249): pid=14821 uid=1000 auid=4294967295 ses=4294967295 subj=unconfined msg='op=PAM:session_open grantors=pam_env,pam_env,pam_permit,pam_umask,pam_unix acct="root" exe="/usr/bin/sudo" hostname=? addr=? termina...
( run in 1.042 second using v1.01-cache-2.11-cpan-39bf76dae61 )