Re: [Crash-utility] feature to dump audit logs in vmcore

> > Anyway, I definitely don't see it as a top-level built-in command. Perhaps you could > > argue for an option to an existing command -- "ps", "log" or "sys" maybe? > > > > Yes, I never definitely need the name "dumpaudit. > > I think log command is best suited in meaning for audit logs. > > By the way. I don't understand why you listed ps command first. > I don't find any similarity to ps command with audit. It was just an off-the-top-of-my-head suggestion, where I thought of it because auditing is often concerned with process-related events. But given there are other kinds of things that get audited, I agree that "log" is more suitable.