From 19d701ddf07d855128ded0cf2b573ce468e3bdd6 Mon Sep 17 00:00:00 2001 From: Ashlee Young Date: Wed, 20 Jan 2016 01:10:01 +0000 Subject: Removing Suricata and Audit from source repo, and updated build.sh to avoid building suricata. Will re-address this in C release via tar balls. Change-Id: I3710076f8b7f3313cb3cb5260c4eb0a6834d4f6e Signed-off-by: Ashlee Young --- framework/src/audit/docs/ausearch_add_expression.3 | 71 ---------------------- 1 file changed, 71 deletions(-) delete mode 100644 framework/src/audit/docs/ausearch_add_expression.3 (limited to 'framework/src/audit/docs/ausearch_add_expression.3') diff --git a/framework/src/audit/docs/ausearch_add_expression.3 b/framework/src/audit/docs/ausearch_add_expression.3 deleted file mode 100644 index c3c17c9d..00000000 --- a/framework/src/audit/docs/ausearch_add_expression.3 +++ /dev/null @@ -1,71 +0,0 @@ -.TH "AUSEARCH_ADD_expression" "3" "Feb 2008" "Red Hat" "Linux Audit API" -.SH NAME -ausearch_add_expression \- build up search expression -.SH "SYNOPSIS" -.B #include - -\fBint ausearch_add_expression(auparse_state_t *\fIau\fB, -const char *\fIexpression\fB, char **\fIerror\fB, ausearch_rule_t \fIhow\fB);\fR - -.SH "DESCRIPTION" - -.B ausearch_add_item -adds an expression to the current audit search expression. -The search conditions can then be used to scan logs, files, or buffers -for something of interest. -The -.I expression -parameter contains an expression, as specified in -.BR ausearch\-expression (5). - -The -.I how -parameter determines -how this search expression will affect the existing search expression, -if one is already defined. -The possible values are: -.RS -.TP -.I AUSEARCH_RULE_CLEAR -Clear the current search expression, if any, -and use only this search expression. -.TP -.I AUSEARCH_RULE_OR -If a search expression -.I E -is already configured, -replace it by \fB(\fIE\fB || \fIthis_search_expression\fB)\fR. -.TP -.I AUSEARCH_RULE_AND -If a search expression -.I E -is already configured, -replace it by \fB(\fIE\fB && \fIthis_search_expression\fB)\fR. -.RE - -.SH "RETURN VALUE" - -If successful, -.B ausearch_add_expression -returns 0. -Otherwise, it returns \-1, sets -.B errno -and it may set \fB*\fIerror\fR to an error message; -the caller must free the error message using -.BR free (3). -If an error message is not available or can not be allocated, \fB*\fIerror\fR -is set to \fBNULL\fR. - -.SH "SEE ALSO" - -.BR ausearch_add_item (3), -.BR ausearch_add_interpreted_item (3), -.BR ausearch_add_timestamp_item (3), -.BR ausearch_add_regex (3), -.BR ausearch_set_stop (3), -.BR ausearch_clear (3), -.BR ausearch_next_event (3), -.BR ausearch\-expression (5). - -.SH AUTHOR -Miloslav Trmac -- cgit 1.2.3-korg