The plugin writes basic information about rpm transactions to the audit log - like packages installed or removed. The entries can be viewed with
ausearch -m SOFTWARE_UPDATE
The entries in the audit log have the following fields:
Possible values Description
install/update/remove package operation
name-version-release.arch of the package
0/1 are signatures being enforced
0/1 result of signature check (0 == fail / 1 ==success)
Root directory of the operation, normally "/"
"rpm" package format
There are currently no options for this plugin in particular. See rpm-plugins(8) on how to control plugins in general.