ausearch 如何同時指定時間和日期

我可以ausearch根據時間執行：

sudo ausearch --start '16:48:07'

或日期：

sudo ausearch --start '05/07/2019'

但不是兩者：

> sudo ausearch --start '05/07/2019 16:48:07'
Invalid start time (05/07/2019 16:48:07). Hour, Minute, and Second are required.

手冊頁清楚地暗示您可以指定日期或時間或兩者都指定，但沒有兩者的範例。

如何在ausearch指定日期和時間的情況下執行？

日期和時間應該是單獨的參數：

sudo ausearch --start 05/07/2019 '16:48:07'

我在網上找到了一個例子，但更細心的讀者可能會在手冊頁中看到這個：

      -ts, --start [start-date] [start-time]
             Search for events with time stamps equal to or after  the  given
             start  time. The format of start time depends on your locale. If
             the date is omitted, today is assumed. If the time  is  omitted,
             midnight is assumed. Use 24 hour clock time rather than AM or PM
             to specify time. An example date using the en_US.utf8 locale  is
             09/03/2009.  An  example  of  time  is 18:00:00. The date format
             accepted is influenced by the LC_TIME environmental variable.

注意-ts, --start [start-date] [start-time]，顯然有兩個可選參數，而不是一個。

引用自：https://unix.stackexchange.com/questions/517869