
strat9_kernel/shell/commands/util/
audit.rs

1use super::*;
2use alloc::string::String;
3
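/// Display recent audit log entries.
///
/// Usage: `audit [count]`  (default: last 30 entries)
///
/// `count` is parsed as a `usize`. A value that does not parse is reported on
/// the shell and the default is used instead, so an operator reviewing the log
/// is told when the window shown is not the one that was typed.
///
/// Always returns `Ok(())`; nothing in this function produces a `ShellError`.
pub fn cmd_audit(args: &[String]) -> Result<(), ShellError> {
    const DEFAULT_COUNT: usize = 30;

    let count = match args.first() {
        None => DEFAULT_COUNT,
        Some(raw) => match raw.parse::<usize>() {
            Ok(n) => n,
            Err(_) => {
                // Falling back silently would make a typo look like a
                // deliberate 30-entry query.
                shell_println!(
                    "audit: invalid count '{}', showing last {} entries",
                    raw,
                    DEFAULT_COUNT
                );
                DEFAULT_COUNT
            }
        },
    };

    // NOTE(review): `count` is passed through unclamped; presumably
    // `crate::audit::recent` bounds it by what the log actually holds. Confirm.
    let entries = crate::audit::recent(count);
    let hz = crate::arch::x86_64::timer::TIMER_HZ;

    if entries.is_empty() {
        shell_println!("(no audit events)");
        return Ok(());
    }

    // TIME is 8 columns wide to match the `{:>5}.{:02}` used for each row.
    shell_println!(
        "{:>6} {:>8} {:>5} {:>5} {:>10} {}",
        "SEQ",
        "TIME",
        "PID",
        "SID",
        "CATEGORY",
        "MESSAGE"
    );
    for e in &entries {
        // Whole seconds and hundredths of a second; assumes `e.tick` counts
        // timer ticks at `TIMER_HZ` and that `TIMER_HZ` is non-zero.
        let secs = e.tick / hz;
        let cs = (e.tick % hz) * 100 / hz;
        // No catch-all arm: a new `AuditCategory` variant must be given a
        // label here before the kernel builds, so no event is mislabelled.
        let cat = match e.category {
            crate::audit::AuditCategory::Silo => "silo",
            crate::audit::AuditCategory::Capability => "cap",
            crate::audit::AuditCategory::Syscall => "syscall",
            crate::audit::AuditCategory::Process => "process",
            crate::audit::AuditCategory::Security => "security",
        };
        // NOTE(review): `e.message` is printed verbatim. If a message can
        // carry bytes chosen by an unprivileged process, control characters
        // could forge or hide rows on the console. Confirm messages are
        // sanitised where the event is recorded.
        shell_println!(
            "{:>6} {:>5}.{:02} {:>5} {:>5} {:>10} {}",
            e.seq,
            secs,
            cs,
            e.pid,
            e.silo_id,
            cat,
            e.message
        );
    }
    shell_println!("({} total events since boot)", crate::audit::total_count());
    Ok(())
}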