Aaron Meihm

@jvehent it wouldn't be too bad, we'd just have a timer event that runs on an interval, scans the last time it was seen and creates an event if required

@carr123 yeah I believe what @arunk-s mentioned is the case, basically this project is more a library to integrate in your own application (that in turn would replace `auditd` on...

@sliceoflife07 thanks for the note on this Off hand you may want to verify you don't have another `auditd` or something running on the host. Aside from that we'd need...

@DahuK I think it does sound reasonable to try to eliminate that allocation each time if we can. Have a look at the branch in https://github.com/mozilla/libaudit-go/tree/recv-buffer https://github.com/mozilla/libaudit-go/commit/f50f0488a171211e175a555ae3b5ec7d8d153b5c This adds a...

No problem, feel free to try it out and I'd be interested in knowing if it improves performance for you If it does we can look at reorganizing the code...

@yurivict thanks for the note on this Yeah this would be a nice feature -- our intent was focused on Linux audit, but this could probably be adapted to BSD...