ausearch
Verified for current stable LTS
Ausearch Commands
Ausearch command syntax with verified terminal examples.
Commands
7 commands for Ausearch
ausearch Search
Ausearch Command: Display Results Raw Format
sudo ausearch -m avc --raw ausearch Archive
Ausearch Command: Search Events Last 10 Minutes
sudo ausearch -ts recent ausearch HTTP
Ausearch Command: Search Events Specific Executable
sudo ausearch -c <httpd> ausearch Search
Ausearch Command: Search Events Specific File
sudo ausearch -f <path/to/file> ausearch Search
Ausearch Command: Search Events Specific User
sudo ausearch -ui <1000> ausearch Search
Ausearch Command: Search Failed Login Attempts
sudo ausearch -m user_login -sv no ausearch Search
Ausearch Command: Search Selinux Avc Denial Events
sudo ausearch -m avc Suggest a Ausearch Command
Submit missing workflows, corrections, or verified alternatives for this tool.
FAQ
Coverage: Focused examples for common Ausearch workflows.
Verified version: current stable LTS.
Verification: Test commands in a disposable workspace and submit notes for edge cases.