tony@xxxxxxxxxxxxxxxxxxxxxxxxx wrote: >Hi guys, > >Im getting selinux alerts logged to audit.log, is there anyway to >parse the alerts via the command line to get human readable alerts? > >I have read that you can install setroubleshoot, but installs a huge >list of dependencies for use with the gui, but i dont have a gui >installed. > >Any ideas? > >Tony As well as audit2allow(1) and audit2why(8), there are the aureport(8) and ausearch(8) programs; they have a huge number of options, so take time to study the man pages, but "aureport --avc" will list all the selinux denials. Moray. "To err is human; to purr, feline." -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
