auparse_get_timestamp — access timestamp of the event
Synopsis
#include <auparse.h>
const au_event_t *auparse_get_timestamp(auparse_state_t *au);
Description
auparse_get_timestamp provides an accessor function for the event's timestamp data structure. The data structure is as follows:
typedef struct { time_t sec; // Event seconds unsigned int milli; // millisecond of the timestamp unsigned long serial; // Serial number of the event const char *host; // Machine's node name } au_event_t;
Return Value
Returns NULL if an error occurs; otherwise, a valid pointer to the data.
See Also
auparse_get_time(3), auparse_get_milli(3), auparse_get_serial(3), auparse_get_node(3), auparse_timestamp_compare(3).
Referenced By
auparse_get_milli(3), auparse_get_node(3), auparse_get_serial(3), auparse_get_time(3), auparse_node_compare(3), auparse_timestamp_compare(3).
Sept 2007 Red Hat Linux Audit API