auditd

package
v0.0.0-...-221c3f5 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: May 16, 2026 License: AGPL-3.0 Imports: 13 Imported by: 0

Documentation

Overview

Package auditd provides a native collector for Linux Audit Framework events. It uses go-libaudit to receive events via netlink multicast and reassembles them before sending to the log queue.

Index

Constants

This section is empty.

Variables

View Source 
var ErrAuditUnavailable = errors.New("audit subsystem unavailable in this environment")

Functions

This section is empty.

Types

type AuditdCollector 

type AuditdCollector struct {
	// contains filtered or unexported fields
}

AuditdCollector collects Linux Audit events via netlink multicast

func New 

func New() *AuditdCollector

New creates a new AuditdCollector

func (*AuditdCollector) Name 

func (a *AuditdCollector) Name() string

Name returns the collector name

func (*AuditdCollector) Start 

func (a *AuditdCollector) Start(ctx context.Context, queue chan *plugins.Log)

Start begins collecting audit events and sending them to the queue

func (*AuditdCollector) Stop 

func (a *AuditdCollector) Stop()

Stop stops the collector

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.