<span class="pill kill-chain">proctitle</span>
<span class="pill kill-chain">msg</span>
<span class="pill kill-chain">type</span>
</div>
Data Source: Linux Auditd Proctitle
Description
Data source object for Linux Auditd Proctitle Type
Details
| Property | Value |
|---|---|
| Source | /var/log/audit/audit.log |
| Sourcetype | linux:audit |
Supported Apps
- Splunk Add-on for Unix and Linux (version 9.2.0)
Event Fields
Fields
Example Log
1type=PROCTITLE msg=audit(1722944427.844:4146): proctitle=63686D6F640037373700312E7368
Source: GitHub | Version: 1