From f72fa135986186544b6125481bae4691ddd4dded Mon Sep 17 00:00:00 2001
From: Viacheslav Hletenko <v.gletenko@vyos.io>
Date: Tue, 4 Apr 2023 10:36:24 +0000
Subject: T5142: Add audit tool to monitor security-relevant events

---
 debian/control                      | 2 ++
 op-mode-definitions/show-log.xml.in | 6 ++++++
 2 files changed, 8 insertions(+)

diff --git a/debian/control b/debian/control
index 8cd49f62a..856f57030 100644
--- a/debian/control
+++ b/debian/control
@@ -35,6 +35,7 @@ Architecture: amd64 arm64
 Depends:
   ${python3:Depends},
   accel-ppp,
+  auditd,
   avahi-daemon,
   beep,
   bmon,
@@ -80,6 +81,7 @@ Depends:
   lcdproc,
   lcdproc-extra-drivers,
   libatomic1,
+  libauparse0,
   libbpf1 [amd64],
   libcharon-extra-plugins (>=5.9),
   libcharon-extauth-plugins (>=5.9),
diff --git a/op-mode-definitions/show-log.xml.in b/op-mode-definitions/show-log.xml.in
index 7f6469ca9..7663e4c00 100644
--- a/op-mode-definitions/show-log.xml.in
+++ b/op-mode-definitions/show-log.xml.in
@@ -8,6 +8,12 @@
         </properties>
         <command>journalctl --no-hostname --boot</command>
         <children>
+          <leafNode name="audit">
+            <properties>
+              <help>Show audit logs</help>
+            </properties>
+            <command>cat /var/log/audit/audit.log</command>
+          </leafNode>
           <leafNode name="all">
             <properties>
               <help>Show contents of all master log files</help>
-- 
cgit v1.2.3