Skip to content

Commit 2ff228f

Browse files
Saeid Hassan-AbadiSaeid Hassan-Abadi
Saeid Hassan-Abadi
authored and
Saeid Hassan-Abadi
committed
typo
1 parent a903897 commit 2ff228f

File tree

1 file changed

+1
-2
lines changed

1 file changed

+1
-2
lines changed

filter-10-selinux.conf

Lines changed: 1 addition & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,6 @@ filter {
33
add_tag => "selinux"
44
tag_on_failure => "selinux_failure"
55
overwrite => "[audit_type, audit_epoch, audit_counter]"
6-
match => [ "message", "type=%{DATA:selinux_audit_type} msg=audit\(%{NUMBER:selinux_audit_epoch}:%{NUMBER:selinux_audit_counter}\): avc:%{SPACE}%{SPACE}%{DATA:selinux_avc} \{ %{WORD:selinux_action} \} for pid=%{NUMBER:selinux_pid} comm=\"%{DATA:selinux_command}\" ((src=%{DATA:selinux_source})?|
7-
?(name=\"%{DATA:selinux_filename}\" dev=\"%{DATA:selinux_device}\" ino=%{NUMBER:selinux_inode})?) scontext=%{DATA:selinux_source_context} tcontext=%{DATA:selinux_target_context} tclass=%{DATA:selinux_target_class} permissive=%{NUMBER:selinux_permissive}" ]
6+
match => [ "message", "type=%{DATA:selinux_audit_type} msg=audit\(%{NUMBER:selinux_audit_epoch}:%{NUMBER:selinux_audit_counter}\): avc:%{SPACE}%{SPACE}%{DATA:selinux_avc} \{ %{WORD:selinux_action} \} for pid=%{NUMBER:selinux_pid} comm=\"%{DATA:selinux_command}\" ((src=%{DATA:selinux_source})?|(name=\"%{DATA:selinux_filename}\" dev=\"%{DATA:selinux_device}\" ino=%{NUMBER:selinux_inode})?) scontext=%{DATA:selinux_source_context} tcontext=%{DATA:selinux_target_context} tclass=%{DATA:selinux_target_class} permissive=%{NUMBER:selinux_permissive}" ]
87
}
98
}

0 commit comments

Comments
 (0)