From df5afa4fcd9725380f94ca6476248d4cc24f889a Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Sun, 29 Nov 2015 08:22:13 -0800 Subject: v2.4.4 audit sources Change-Id: I9315a7408817db51edf084fb4d27fbb492785084 Signed-off-by: Ashlee Young --- framework/src/audit/docs/auparse_get_timestamp.3 | 36 ++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 framework/src/audit/docs/auparse_get_timestamp.3 (limited to 'framework/src/audit/docs/auparse_get_timestamp.3') diff --git a/framework/src/audit/docs/auparse_get_timestamp.3 b/framework/src/audit/docs/auparse_get_timestamp.3 new file mode 100644 index 00000000..71a66136 --- /dev/null +++ b/framework/src/audit/docs/auparse_get_timestamp.3 @@ -0,0 +1,36 @@ +.TH "AUPARSE_GET_TIMESTAMP" "3" "Sept 2007" "Red Hat" "Linux Audit API" +.SH NAME +auparse_get_timestamp \- access timestamp of the event +.SH "SYNOPSIS" +.B #include +.sp +const au_event_t *auparse_get_timestamp(auparse_state_t *au); + +.SH "DESCRIPTION" + +auparse_get_timestamp provides an accessor function for the event's timestamp data structure. The data structure is as follows: + +.nf +typedef struct +{ + time_t sec; // Event seconds + unsigned int milli; // millisecond of the timestamp + unsigned long serial; // Serial number of the event + const char *host; // Machine's node name +} au_event_t; +.fi + +.SH "RETURN VALUE" + +Returns NULL if an error occurs; otherwise, a valid pointer to the data. + +.SH "SEE ALSO" + +.BR auparse_get_time (3), +.BR auparse_get_milli (3), +.BR auparse_get_serial (3), +.BR auparse_get_node (3), +.BR auparse_timestamp_compare (3). + +.SH AUTHOR +Steve Grubb -- cgit 1.2.3-korg