AUPARSE_GET_TIMESTAMP(3) Linux Audit API AUPARSE_GET_TIMESTAMP(3)

auparse_get_timestamp - access timestamp of the event

#include <auparse.h>

const au_event_t *auparse_get_timestamp(auparse_state_t *au);

auparse_get_timestamp provides an accessor function for the event's timestamp data structure. The data structure is as follows:

typedef struct
{

time_t sec; // Event seconds
unsigned int milli; // millisecond of the timestamp
unsigned long serial; // Serial number of the event
const char *host; // Machine's node name } au_event_t;

Returns NULL if an error occurs; otherwise, a valid pointer to the data.

auparse_get_time(3), auparse_get_milli(3), auparse_get_serial(3), auparse_get_node(3), auparse_timestamp_compare(3).

Steve Grubb

Sept 2007 Red Hat