audit_name_to_errno - Linux

Overview

audit_name_to_errno translates an audit system call name to an error number. It is useful for understanding the relationship between the symbolic names and error numbers used in audit reports.

Syntax

audit_name_to_errno [OPTIONS] <audit-syscall-name>

Options/Flags

• -h, –help: Display help information
• -v, –version: Print version information

Examples

To translate the audit system call name open to an error number:

$ audit_name_to_errno open
2

To translate the error number 2 to an audit system call name:

$ audit_name_to_errno -v 2
open 2

Common Issues

• Ensure that the audit system call name is spelled correctly.
• If the translation fails, the audit system call name may not be valid.

Integration

audit_name_to_errno can be used in conjunction with other commands to analyze audit logs. For example, to search for all failed open system calls in an audit log:

ausearch -f | audit_name_to_errno open | grep -E "2$"

Related Commands

• ausearch: Search audit trails
• aureport: Generate human-readable audit reports