audit_name_to_errno - Linux


audit_name_to_errno translates an audit system call name to an error number. It is useful for understanding the relationship between the symbolic names and error numbers used in audit reports.


audit_name_to_errno [OPTIONS] <audit-syscall-name>


  • -h, –help: Display help information
  • -v, –version: Print version information


To translate the audit system call name open to an error number:

$ audit_name_to_errno open

To translate the error number 2 to an audit system call name:

$ audit_name_to_errno -v 2
open 2

Common Issues

  • Ensure that the audit system call name is spelled correctly.
  • If the translation fails, the audit system call name may not be valid.


audit_name_to_errno can be used in conjunction with other commands to analyze audit logs. For example, to search for all failed open system calls in an audit log:

ausearch -f | audit_name_to_errno open | grep -E "2$"

Related Commands

  • ausearch: Search audit trails
  • aureport: Generate human-readable audit reports