Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
I am using ausearch to parse my audit data. I would like to look for files with etc and var in the title or path. I can search each separately using -f etc or -f var. How can I combine them to make one search?
In my original question, I wanted directories that had etc and var in the paths. My mistake. I would like to search for auditable events that have either etc or var in the path. I can try the || as suggested but I am probably sure this will not work. Is there a logical separation that will identify "or" as the separator or is "||" the "or" separator?