AUSEARCH_ADD_REGEX(3) Linux Audit API AUSEARCH_ADD_REGEX(3)NAMEausearch_add_regex - use regular expression search rule
SYNOPSIS
#include <auparse.h>
int ausearch_add_regex(auparse_state_t *au, const char *expr);
DESCRIPTIONausearch_add_regex adds one search condition based on regular expresâ
sions to the audit search API. The search conditions can then be used
to scan logs, files, or buffers for something of interest. You may not
use this in combination with any other search expression. The regular
expression follows the posix regular expression conventions. The search
results are at the record level and not the field.
RETURN VALUE
Returns -1 if an error occurs; otherwise, 0 for success.
SEE ALSOausearch_add_expression(3), ausearch_add_item(3), ausearch_clear(3),
ausearch_next_event(3), regcomp(3).
AUTHOR
Steve Grubb
Red Hat Sept 2007 AUSEARCH_ADD_REGEX(3)