felipe/apparmor.d
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

doc: update aa-log usage.

Browse source
This commit is contained in:
Alexandre Pujol 2025-03-02 14:03:38 +01:00
parent 6c284435ae
commit 3f9fe25fd4
No known key found for this signature in database
GPG key ID: C5469996F0DF68EC
2 changed files with 8 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

6
cmd/aa-log/main.go
View file

@ -15,15 +15,15 @@ import (
"github.com/roddhjav/apparmor.d/pkg/logs" "github.com/roddhjav/apparmor.d/pkg/logs"
) )
const usage = `aa-log [-h] [--systemd] [--file file] [--rules | --raw] [profile] const usage = `aa-log [-h] [--systemd] [--file file] [--rules | --raw] [--since] [profile]
Review AppArmor generated messages in a colorful way. It supports logs from Review AppArmor generated messages in a colorful way. It supports logs from
auditd, systemd, syslog as well as dbus session events. auditd, systemd, syslog as well as dbus session events.
It can be given an optional profile name to filter the output with. It can be given an optional profile name to filter the output with.
Default logs are read from '/var/log/audit/audit.log'. Other files in Default logs are read from '/var/log/audit/audit.log'. Other files in
'/var/log/audit/' can easily be checked: 'aa-log -f 1' parses 'audit.log.1' '/var/log/audit/' can easily be checked: 'aa-log -f 1' parses 'audit.log.1'
Options: Options:
-h, --help Show this help message and exit. -h, --help Show this help message and exit.

9
docs/usage.md
View file

@ -116,15 +116,15 @@ profile dnsmasq {
### Help ### Help
``` ```
aa-log [-h] [--systemd] [--file file] [--rules | --raw] [profile] aa-log [-h] [--systemd] [--file file] [--rules | --raw] [--since] [profile]
Review AppArmor generated messages in a colorful way. Supports logs from Review AppArmor generated messages in a colorful way. It supports logs from
auditd, systemd, syslog as well as dbus session events. auditd, systemd, syslog as well as dbus session events.
It can be given an optional profile name to filter the output with. It can be given an optional profile name to filter the output with.
Default logs are read from '/var/log/audit/audit.log'. Other files in Default logs are read from '/var/log/audit/audit.log'. Other files in
'/var/log/audit/' can easily be checked: 'aa-log -f 1' parses 'audit.log.1' '/var/log/audit/' can easily be checked: 'aa-log -f 1' parses 'audit.log.1'
Options: Options:
-h, --help Show this help message and exit. -h, --help Show this help message and exit.
@ -132,4 +132,5 @@ Options:
-s, --systemd Parse systemd logs from journalctl. -s, --systemd Parse systemd logs from journalctl.
-r, --rules Convert the log into AppArmor rules. -r, --rules Convert the log into AppArmor rules.
-R, --raw Print the raw log without any formatting. -R, --raw Print the raw log without any formatting.
-S, --since DATE Show entries not older than the specified date.
``` ```