ausyscall

Display syscall number of a specific system call

$ ausyscall [search_pattern]

$ ausyscall [system_call_number]

$ ausyscall [architecture] --dump

ausyscall [arch] name|number [--dump]

ausyscall maps between system call names and their numeric values. This is useful when analyzing audit logs, writing system call filters, or understanding strace output.
The tool supports multiple architectures and can display the complete syscall table for any supported platform.

--dump

Display all system calls for the specified architecture

Only match exact syscall names

System call numbers vary between architectures (x86, x86_64, ARM, etc.). When no architecture is specified, the current system's architecture is used. Part of the audit package.

ausyscall is part of the Linux Audit framework, developed to provide comprehensive system auditing capabilities. The audit system was originally developed by Red Hat.

auditctl(8), ausearch(8), strace(1), seccomp(2)