PURPOSE of /CoreOS/audit/Sanity/options-log-format
Description: Sanity of log_format option of auditd 
Author: Ondrej Moris <omoris@redhat.com>

Test that log_format options of auditd works as expected.

The log_format describes how the information should be stored on disk.
There are 2 options and 1 depreated: 

  * NOLOG    - deprecated, if you are setting this format, now you should set 
               the write_logs option to no;

  * RAW      - the audit records will be stored in a format exactly as the 
               kernel sends it (default);

  * ENRICHED - will resolve all uid, gid, syscall,  architecture, and socket
               address information before writing the event to disk. This aids 
               in making sense of events created on one system but 
               reported/analized on another system.