arg Token
The arg token contains system call argument information. A 32-bit integer system call argument is allowed in an audit record. The fields are:
-
A token ID
-
An argument ID of the relevant system call argument
-
The argument value
-
The length of an optional descriptive text string (does not show)
-
An optional text string
The following figure shows the token format.
Figure B-4 arg Token Format
An arg token is displayed by praudit as follows:
argument,2,0x3,cmd
- © 2010, Oracle Corporation and/or its affiliates