auparse_interpret_sock_family - Linux

Overview

auparse_interpret_sock_family interprets the AF_* constant in a sock_family field of an audit record and returns the corresponding string. This command provides a human-readable representation of the socket family used in the audit record.

Syntax

auparse_interpret_sock_family [sock_family]

Parameters

| Parameter | Description |
|—|—|
| sock_family | A decimal socket family number |

Options/Flags

None

Examples

# Interpret socket family 2
$ auparse_interpret_sock_family 2
INET

# Interpret socket family 23
$ auparse_interpret_sock_family 23
AF_UNIX

Common Issues

None

Integration

This command can be used with other Linux tools for analyzing audit logs, such as ausearch and aureport.

Related Commands

• aureport
• ausearch