Timestamp in ausearch command is not visible properly in terminal window of non-linux based operating system.

Solution Unverified - Updated -

Issue

  • ausearch command is showing incorrect/garbage output of time stamp when accessed via Terminus application on Mac OS.
    Note: Issue is visible on different terminal applications on non-linux based operating systems where character encoding is not properly set.

  • ausearch -i --input /var/log/audit/audit.log | less is showing time stamps like (']A') below:

type=SERVICE_STOP msg=audit(12/08/2022 ]A.045:83) : pid=1 uid=root auid=unset ses=unset subj=system_u:system_r:init_t:s0 msg='unit=systemd-hostnamed comm=systemd exe=/usr/lib/systemd/systemd hostname=? addr=? terminal=? res=success' 
----
type=BPF msg=audit(12/08/2022 ]A.055:84) : prog-id=37 op=UNLOAD 
----
type=BPF msg=audit(12/08/2022 ]A.055:85) : prog-id=36 op=UNLOAD

Environment

  • Accessing RHEL via Mac OS or Windows terminal application where character encoding is not properly set.

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content