auparse_get_timestamp — access timestamp of the event


#include <auparse.h>

const au_event_t *auparse_get_timestamp(auparse_state_t *au);


auparse_get_timestamp provides an accessor function for the event's timestamp data structure. The data structure is as follows:

typedef struct
        time_t sec;             // Event seconds
        unsigned int milli;     // millisecond of the timestamp
        unsigned long serial;   // Serial number of the event
        const char *host;       // Machine's node name
} au_event_t;

Return Value

Returns NULL if an error occurs; otherwise, a valid pointer to the data.

See Also

auparse_get_time(3), auparse_get_milli(3), auparse_get_serial(3), auparse_get_node(3), auparse_timestamp_compare(3).


Steve Grubb

Referenced By

auparse_get_milli(3), auparse_get_node(3), auparse_get_serial(3), auparse_get_time(3), auparse_node_compare(3), auparse_timestamp_compare(3).

Sept 2007 Red Hat Linux Audit API