Open
Description
Hello,
Just wanted to take a moment to appreciate and thank you for this wonderful work, as the audit.rules here is the one we used as a reference to adapt and create an auditing baseline for auditing our Linux fleet of machines in order to achieve the goal of logging for further SIEM analysis. This has been incredibly useful for us so far in the testing phase.
However, I have observed that the logging of IPv4 & IPv6 connections is in a format which isn't human-readable and needs some parsing, as I understand. Pardon my ignorance if I'm wrong here.
Could you please help me understand how to parse those, or change the audit config in such a way as to help us log it in a "dotted-decimal" format for easy analysis?
Regards,
Abel
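
An added example, not part of the original post or of the project's rules: a decoder for the hex `saddr=` field of audit `SOCKADDR` records, which is the raw `struct sockaddr` of the connection. It assumes the question refers to that field and that the logging host is little-endian (such as x86-64); the function names and the sample records are constructed for illustration.

```python
import ipaddress
import re
import struct

AF_INET, AF_INET6 = 2, 10  # Linux address-family numbers

SADDR_RE = re.compile(r"\bsaddr=([0-9A-Fa-f]+)")


def decode_saddr(hex_saddr, byteorder="little"):
    """Decode a hex-encoded struct sockaddr into (family, address, port).

    address and port are None for families this example does not decode
    (AF_UNIX, AF_NETLINK, ...).
    """
    raw = bytes.fromhex(hex_saddr)
    if len(raw) < 2:
        raise ValueError("saddr too short to hold sa_family")
    # sa_family is stored in host byte order (assumption: little-endian host).
    family = int.from_bytes(raw[:2], byteorder)
    if family == AF_INET and len(raw) >= 8:
        # sockaddr_in: family(2) | port(2, network order) | addr(4) | padding
        (port,) = struct.unpack("!H", raw[2:4])
        return "inet", str(ipaddress.IPv4Address(raw[4:8])), port
    if family == AF_INET6 and len(raw) >= 24:
        # sockaddr_in6: family(2) | port(2) | flowinfo(4) | addr(16) | scope_id(4)
        (port,) = struct.unpack("!H", raw[2:4])
        return "inet6", str(ipaddress.IPv6Address(raw[8:24])), port
    return f"family-{family}", None, None


def decode_line(line):
    """Return the decoded saddr of one audit log line, or None if it has none."""
    m = SADDR_RE.search(line)
    return decode_saddr(m.group(1)) if m else None


# Constructed sample records (not taken from a real host).
SAMPLES = [
    "type=SOCKADDR msg=audit(1700000000.123:456): saddr=020001BBC00002010000000000000000",
    "type=SOCKADDR msg=audit(1700000000.456:457): "
    "saddr=0A0000350000000020010DB800000000000000000000000100000000",
    "type=SOCKADDR msg=audit(1700000000.789:458): saddr=01002F72756E2F7800",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(decode_line(sample))
```

The audit userspace tools can do the same interpretation without custom code: `ausearch -i` prints interpreted fields, and setting `log_format = ENRICHED` in `auditd.conf` makes auditd append the interpreted values to each record it writes.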