arg Token
The arg token contains system call argument information: the argument number of the system call, the augment value, and an optional description. This token allows a 32-bit integer system-call argument in an audit record. The arg token has five fields:
-
a token ID that identifies this token as an arg token
-
an argument ID that tells which system call argument the token refers to
-
the argument value
-
the length of the descriptive text string
-
the text string
The praudit command displays the arg token as follows:
argument,1,0x00000000,addr |
The following figure shows the format of the arg token.
Figure 25–6 arg Token Format
- © 2010, Oracle Corporation and/or its affiliates