arg Token
The arg token contains information about the arguments to a system call: the argument number of the system call, the argument value, and an optional description. This token allows a 32-bit integer system-call argument in an audit record. The arg token has five fields:
-
A token ID that identifies this token as an arg token
-
An argument ID that tells which system call argument that the token refers to
-
The argument value
-
The length of the descriptive text string
-
The text string
The praudit command displays the arg token as follows:
argument,1,0x00000000,addr |
The following figure shows the format of the arg token.
Figure 23–6 arg Token Format
- © 2010, Oracle Corporation and/or its affiliates