diff --git a/libraries/libapparmor/src/grammar.y b/libraries/libapparmor/src/grammar.y index 5e118994a..7b4bbe360 100644 --- a/libraries/libapparmor/src/grammar.y +++ b/libraries/libapparmor/src/grammar.y @@ -79,10 +79,10 @@ aa_record_event_type lookup_aa_event(unsigned int type) long t_long; } -%type old_profile safe_string protocol +%type safe_string protocol %token TOK_DIGITS TOK_TYPE_UNKNOWN -%token TOK_QUOTED_STRING TOK_PATH TOK_ID TOK_NULL_COMPLAIN TOK_MODE TOK_DMESG_STAMP -%token TOK_SINGLE_QUOTED_STRING TOK_AUDIT_DIGITS TOK_DATE_MONTH TOK_DATE_TIME +%token TOK_QUOTED_STRING TOK_ID TOK_MODE TOK_DMESG_STAMP +%token TOK_AUDIT_DIGITS TOK_DATE_MONTH TOK_DATE_TIME %token TOK_HEXSTRING TOK_TYPE_OTHER TOK_MSG_REST %token TOK_EQUALS @@ -105,31 +105,6 @@ aa_record_event_type lookup_aa_event(unsigned int type) %token TOK_TYPE_AA_STATUS %token TOK_TYPE_AA_ERROR %token TOK_TYPE_LSM_AVC -%token TOK_OLD_TYPE_APPARMOR -%token TOK_OLD_APPARMOR_REJECT -%token TOK_OLD_APPARMOR_PERMIT -%token TOK_OLD_APPARMOR_AUDIT -%token TOK_OLD_APPARMOR_LOGPROF_HINT -%token TOK_OLD_UNKNOWN_HAT -%token TOK_OLD_ACTIVE -%token TOK_OLD_UNKNOWN_PROFILE -%token TOK_OLD_MISSING_PROFILE -%token TOK_OLD_CHANGING_PROFILE -%token TOK_OLD_ACCESS -%token TOK_OLD_TO -%token TOK_OLD_FROM -%token TOK_OLD_PIPE -%token TOK_OLD_EXTENDED -%token TOK_OLD_ATTRIBUTE -%token TOK_OLD_ON -%token TOK_OLD_MKDIR -%token TOK_OLD_RMDIR -%token TOK_OLD_XATTR -%token TOK_OLD_CHANGE -%token TOK_OLD_SYSCALL -%token TOK_OLD_LINK -%token TOK_OLD_FORK -%token TOK_OLD_CHILD %token TOK_KEY_APPARMOR %token TOK_KEY_TYPE @@ -147,7 +122,6 @@ aa_record_event_type lookup_aa_event(unsigned int type) %token TOK_KEY_PID %token TOK_KEY_PROFILE %token TOK_AUDIT -%token TOK_KEY_IMAGE %token TOK_KEY_FAMILY %token TOK_KEY_SOCK_TYPE %token TOK_KEY_PROTOCOL 
@@ -172,15 +146,10 @@ log_message: audit_type audit_type: TOK_KEY_TYPE TOK_EQUALS type_syntax ; -type_syntax: old_syntax { ret_record->version = AA_RECORD_SYNTAX_V1; } - | new_syntax { ret_record->version = AA_RECORD_SYNTAX_V2; } +type_syntax: new_syntax { ret_record->version = AA_RECORD_SYNTAX_V2; } | other_audit ; -old_syntax: TOK_OLD_TYPE_APPARMOR audit_msg old_msg - | TOK_TYPE_UNKNOWN audit_msg old_msg - ; - new_syntax: TOK_TYPE_AA_REJECT audit_msg key_list { ret_record->event = AA_RECORD_DENIED; } | TOK_TYPE_AA_AUDIT audit_msg key_list { ret_record->event = AA_RECORD_AUDIT; } @@ -201,9 +170,7 @@ other_audit: TOK_TYPE_OTHER audit_msg TOK_MSG_REST ; syslog_type: - syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id old_msg - { ret_record->version = AA_RECORD_SYNTAX_V1; } - | syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list + syslog_date TOK_ID TOK_SYSLOG_KERNEL audit_id key_list { ret_record->version = AA_RECORD_SYNTAX_V2; } | syslog_date TOK_ID TOK_SYSLOG_KERNEL key_type audit_id key_list { ret_record->version = AA_RECORD_SYNTAX_V2; } 
@@ -215,167 +182,9 @@ syslog_type: /* when audit dispatches a message it doesn't prepend the audit type string */ audit_dispatch: - audit_msg old_msg { ret_record->version = AA_RECORD_SYNTAX_V1; } audit_msg key_list { ret_record->version = AA_RECORD_SYNTAX_V2; } ; -old_msg: - old_permit_reject_type old_permit_reject_syntax - | TOK_OLD_APPARMOR_LOGPROF_HINT old_logprof_syntax { ret_record->event = AA_RECORD_HINT; } - ; - -old_permit_reject_type: - TOK_OLD_APPARMOR_REJECT { ret_record->event = AA_RECORD_DENIED; } - | TOK_OLD_APPARMOR_PERMIT { ret_record->event = AA_RECORD_ALLOWED; } - | TOK_OLD_APPARMOR_AUDIT { ret_record->event = AA_RECORD_AUDIT; } - ; - -old_permit_reject_syntax: - TOK_MODE TOK_OLD_ACCESS old_permit_reject_path_pipe_extended - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->requested_mask = $1; - ret_record->operation = strdup("access"); - } - | dir_action TOK_OLD_ON TOK_PATH - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->name = $3; - } - | TOK_OLD_XATTR TOK_ID TOK_OLD_ON TOK_PATH - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->operation = strdup("xattr"); - ret_record->attribute = $2; - ret_record->name = $4; - } - | TOK_KEY_ATTRIBUTE TOK_OPEN_PAREN TOK_ID TOK_CLOSE_PAREN - TOK_OLD_CHANGE TOK_OLD_TO TOK_PATH - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->operation = strdup("setattr"); - ret_record->attribute = $3; - ret_record->name = $7; - } - | TOK_OLD_ACCESS TOK_OLD_TO TOK_KEY_CAPABILITY TOK_SINGLE_QUOTED_STRING - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->operation = strdup("capability"); - ret_record->name = $4; - } - | TOK_OLD_ACCESS TOK_OLD_TO TOK_OLD_SYSCALL TOK_SINGLE_QUOTED_STRING - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - { - ret_record->operation = strdup("syscall"); - ret_record->name = $4; - } - | TOK_OLD_LINK TOK_OLD_ACCESS TOK_OLD_FROM TOK_PATH TOK_OLD_TO TOK_PATH - TOK_OPEN_PAREN old_process_state TOK_CLOSE_PAREN - 
{ - ret_record->requested_mask = strdup("l"); - ret_record->name = $4; - ret_record->name2 = $6; - } - ; - -dir_action: - TOK_OLD_MKDIR { ret_record->operation = strdup("mkdir"); } - | TOK_OLD_RMDIR { ret_record->operation = strdup("rmdir"); } - ; - -old_process_state: - TOK_ID TOK_OPEN_PAREN TOK_ID TOK_CLOSE_PAREN old_profile_names - { - ret_record->info = $1; - ret_record->pid = atol($3); - free($3); - } - ; - -old_profile_names: - TOK_KEY_PROFILE old_profile TOK_OLD_ACTIVE old_profile - { ret_record->profile = $2; - ret_record->active_hat = $4; - } - ; - -old_permit_reject_path_pipe_extended: - TOK_OLD_TO TOK_PATH - { - ret_record->name = $2; - } - | TOK_OLD_TO TOK_OLD_PIPE /* Frankly, I don't think this is used */ - { - ret_record->info = strdup("pipe"); - } - | TOK_OLD_EXTENDED TOK_KEY_ATTRIBUTE /* Nor this */ - { - ret_record->info = strdup("extended attribute"); - } - ; -old_logprof_syntax: - old_logprof_syntax2 key_pid - TOK_KEY_PROFILE TOK_EQUALS old_profile TOK_OLD_ACTIVE TOK_EQUALS old_profile - { - ret_record->profile = strdup($5); - free($5); - ret_record->active_hat = strdup($8); - free($8); - } - | old_logprof_fork_syntax - | TOK_OLD_CHANGING_PROFILE key_pid - { ret_record->profile = strdup("null-complain-profile"); } - ; - -old_logprof_syntax2: - TOK_OLD_UNKNOWN_PROFILE TOK_KEY_IMAGE TOK_EQUALS TOK_ID - { - ret_record->operation = strdup("profile_set"); - ret_record->info = strdup("unknown profile"); - ret_record->name = strdup($4); - free($4); - } - | TOK_OLD_MISSING_PROFILE TOK_KEY_IMAGE TOK_EQUALS TOK_ID - { - ret_record->operation = strdup("exec"); - ret_record->info = strdup("mandatory profile missing"); - ret_record->name = strdup($4); - free($4); - } - | TOK_OLD_UNKNOWN_HAT TOK_ID - { - ret_record->operation = strdup("change_hat"); - ret_record->name = strdup($2); - free($2); - ret_record->info = strdup("unknown_hat"); - } - ; - -/* TODO: Clean this up */ -old_logprof_fork_syntax: - TOK_OLD_FORK key_pid - TOK_OLD_CHILD TOK_EQUALS TOK_DIGITS 
old_logprof_fork_addition - { - ret_record->operation = strdup("clone"); - ret_record->task = $5; - } - ; - -old_logprof_fork_addition: - /* Nothin */ - | TOK_KEY_PROFILE TOK_EQUALS old_profile TOK_OLD_ACTIVE TOK_EQUALS old_profile - { - ret_record->profile = $3; - ret_record->active_hat = $6; - } - ; - -old_profile: - TOK_PATH { $$ = $1; } - | TOK_ID { $$ = $1; } - | TOK_NULL_COMPLAIN { $$ = strdup("null-complain-profile"); } - ; - audit_msg: TOK_KEY_MSG TOK_EQUALS audit_id ; @@ -441,7 +250,7 @@ key: TOK_KEY_OPERATION TOK_EQUALS TOK_QUOTED_STRING | TOK_KEY_COMM TOK_EQUALS TOK_QUOTED_STRING { ret_record->comm = $3;} | TOK_KEY_APPARMOR TOK_EQUALS apparmor_event - | TOK_KEY_CAPABILITY TOK_EQUALS TOK_ID + | TOK_KEY_CAPABILITY TOK_EQUALS TOK_DIGITS { /* need to reverse map number to string, need to figure out * how to get auto generation of reverse mapping table into * autotools Makefile. For now just drop assumming capname is @@ -460,6 +269,11 @@ key: TOK_KEY_OPERATION TOK_EQUALS TOK_QUOTED_STRING { /* target was always name2 in the past */ ret_record->name2 = $3; } + | TOK_MSG_REST + { + ret_record->event = AA_RECORD_INVALID; + ret_record->info = $1; + } ; apparmor_event: diff --git a/libraries/libapparmor/src/scanner.l b/libraries/libapparmor/src/scanner.l index 2d63f6e45..dc931cd53 100644 --- a/libraries/libapparmor/src/scanner.l +++ b/libraries/libapparmor/src/scanner.l @@ -83,7 +83,6 @@ minus "-" open_paren "(" close_paren ")" ID [^ \t\n\(\)="'!] -path "/"{ID}* hexstring ({hex}{hex})+ period "\." mode_chars ([RrWwaLlMmkXx])|([Pp][Xx])|([Uu][Xx])|([Ii][Xx])|([Pp][Ii][Xx]) 
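Review bot: The `AA_RECORD_INVALID` stored by the new `TOK_MSG_REST` alternative of `key` does not survive on every path. `new_syntax: TOK_TYPE_AA_REJECT audit_msg key_list { ret_record->event = AA_RECORD_DENIED; }` runs its action after `key_list` has been reduced, so a typed record with an unparsed tail would still be reported as DENIED (or AUDIT) while `info` holds the raw remainder. If that is intended, a comment on the new alternative should say so, e.g. `/* unparsed tail: event stays INVALID only where no enclosing rule action sets it afterwards */`, and a test_multi case with a typed record plus trailing junk would pin the behaviour. Separately, `ret_record->info = $1;` replaces whatever an earlier `info=` key in the same `key_list` stored; that rule is outside the hunk, so this is inferred, but if it assigns the same field the earlier string leaks, and `free(ret_record->info);` before the assignment avoids it. The `key` rule starts and ends outside this hunk.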
@@ -106,35 +105,6 @@ lsm_avc_type "AVC" unknown_type UNKNOWN\[{digits}+\] other_audit_type [[:alnum:]\[\]_-]+ -/* Old message tokens */ - -old_apparmor_type "APPARMOR" -old_apparmor_reject "REJECTING" -old_apparmor_permit "PERMITTING" -old_apparmor_audit "AUDITING" -old_apparmor_logprof "LOGPROF-HINT" -old_unknown_hat "unknown_hat" -old_unknown_profile "unknown_profile" -old_missing_profile "missing_mandatory_profile" -old_changing_profile "changing_profile" -old_active "active" -old_access "access" -old_from "from" -old_to "to" -old_pipe "pipe" -old_extended "extended" -old_rmdir "rmdir" -old_mkdir "mkdir" -old_on "on" -old_xattr "xattr" -old_change "change" -old_syscall "syscall" -old_link "link" -old_fork "fork" -old_child "child" - -null_complain "null-complain-profile" - /* Key tokens */ key_apparmor "apparmor" @@ -153,7 +123,6 @@ key_magic_token "magic_token" key_info "info" key_pid "pid" key_profile "profile" -key_image "image" key_family "family" key_sock_type "sock_type" key_protocol "protocol" @@ -177,12 +146,10 @@ dmesg_timestamp \[[[:digit:] ]{5,}\.[[:digit:]]{6,}\] %x quoted_string %x sub_id %x audit_id -%x single_quoted_string %x hostname %x dmesg_timestamp %x safe_string %x audit_types -%x old_action %x other_audit %x unknown_message @@ -206,7 +173,6 @@ yy_flex_debug = 0; { {open_paren} { return(TOK_OPEN_PAREN); } {close_paren} { BEGIN(INITIAL); return(TOK_CLOSE_PAREN); } - "'" { string_buf_reset(); BEGIN(single_quoted_string); } {ws} { } \" { string_buf_reset(); BEGIN(quoted_string); } {ID}+ { 
@@ -217,19 +183,6 @@ yy_flex_debug = 0; {equals} { return(TOK_EQUALS); } } - -"'" { string_buf_reset(); BEGIN(single_quoted_string); } -"'" { /* End of the quoted string */ - BEGIN(INITIAL); - yylval->t_str = strdup(string_buf); - return(TOK_SINGLE_QUOTED_STRING); - } - - -\\(.|\n) { string_buf_append(1, &yytext[1]); } - -[^\\\n\'\"]+ { string_buf_append(yyleng, yytext); } - \" { string_buf_reset(); BEGIN(quoted_string); } \" { /* End of the quoted string */ BEGIN(INITIAL); @@ -243,7 +196,6 @@ yy_flex_debug = 0; [^\\\n\"]+ { string_buf_append(yyleng, yytext); } { - "'" { string_buf_reset(); BEGIN(single_quoted_string); } \" { string_buf_reset(); BEGIN(quoted_string); } {hexstring} { yylval->t_str = hex_to_string(yytext); BEGIN(INITIAL); return(TOK_HEXSTRING);} {equals} { return(TOK_EQUALS); } @@ -274,7 +226,6 @@ yy_flex_debug = 0; BEGIN(INITIAL); return(TOK_TYPE_UNKNOWN); } - {old_apparmor_type} { BEGIN(INITIAL); return(TOK_OLD_TYPE_APPARMOR); } {other_audit_type} { yylval->t_str = strdup(yytext); BEGIN(other_audit); return(TOK_TYPE_OTHER); 
@@ -291,42 +242,8 @@ yy_flex_debug = 0; return(TOK_OPEN_PAREN); } {close_paren} { return(TOK_CLOSE_PAREN); } -{path} { yylval->t_str = strdup(yytext); return(TOK_PATH); } {period} { return(TOK_PERIOD); } -{old_apparmor_reject} { BEGIN(old_action); return(TOK_OLD_APPARMOR_REJECT); } -{old_apparmor_permit} { BEGIN(old_action); return(TOK_OLD_APPARMOR_PERMIT); } -{old_apparmor_audit} { BEGIN(old_action); return(TOK_OLD_APPARMOR_AUDIT); } -{old_apparmor_logprof} { return(TOK_OLD_APPARMOR_LOGPROF_HINT); } -{old_unknown_hat} { BEGIN(sub_id); return(TOK_OLD_UNKNOWN_HAT); } -{old_unknown_profile} { return(TOK_OLD_UNKNOWN_PROFILE); } -{old_missing_profile} { return(TOK_OLD_MISSING_PROFILE); } -{old_changing_profile} { return(TOK_OLD_CHANGING_PROFILE); } -{old_active} { BEGIN(sub_id); return(TOK_OLD_ACTIVE); } -{old_access} { return(TOK_OLD_ACCESS); } -{old_to} { return(TOK_OLD_TO); } -{old_from} { return(TOK_OLD_FROM); } -{old_pipe} { return(TOK_OLD_PIPE); } -{old_extended} { return(TOK_OLD_EXTENDED); } -{old_on} { return(TOK_OLD_ON); } -{old_change} { return(TOK_OLD_CHANGE); } -{key_capability} { BEGIN(sub_id); return(TOK_KEY_CAPABILITY); } -{old_syscall} { return(TOK_OLD_SYSCALL); } -{old_fork} { return(TOK_OLD_FORK); } -{old_child} { return(TOK_OLD_CHILD); } - -{ - {ws}+ { /* eat whitespace */ } - {modes} { /* modes must stay out of INITIAL because of false pos matches e.g. Mar */ - yylval->t_str = strdup(yytext); BEGIN(INITIAL); return(TOK_MODE); } - {old_link} { BEGIN(INITIAL); return(TOK_OLD_LINK); } - {old_access} { BEGIN(INITIAL); return(TOK_OLD_ACCESS); } - {old_mkdir} { BEGIN(INITIAL); return(TOK_OLD_MKDIR); } - {old_rmdir} { BEGIN(INITIAL); return(TOK_OLD_RMDIR); } - {old_xattr} { BEGIN(sub_id); return(TOK_OLD_XATTR); } - {key_attribute} { BEGIN(sub_id); return(TOK_KEY_ATTRIBUTE); } -} - {key_apparmor} { BEGIN(audit_types); return(TOK_KEY_APPARMOR); } {key_type} { BEGIN(audit_types); return(TOK_KEY_TYPE); } {key_msg} { return(TOK_KEY_MSG); } 
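Review bot: With the `{modes}` rule deleted here, nothing in the visible scanner hunks returns `TOK_MODE` any more, and its only visible grammar use (`old_permit_reject_syntax`) is deleted by this commit as well. Yet grammar.y keeps it in the new line `%token TOK_QUOTED_STRING TOK_ID TOK_MODE TOK_DMESG_STAMP`, and scanner.l keeps the `mode_chars` definition as context. If no rule outside these hunks still uses them, drop `TOK_MODE` from that `%token` line and remove the `mode_chars`/`modes` definitions, so the log parser carries no unreachable tokens or patterns.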
@@ -350,18 +267,7 @@ yy_flex_debug = 0; {key_fsuid} { return(TOK_KEY_FSUID); } {key_ouid} { return(TOK_KEY_OUID); } {key_comm} { return(TOK_KEY_COMM); } - /* This key_capability entry is here to document, what should be. - * currently the capability token is handled by the old set of rules above - * it should be handled here, but there is no good way to combine them - * that doesn't require more work than it is worth atm because of the - * switch to sub_id in the old scanner rules. - * The switch to sub_id causes the new rule set in the grammar to need to - * accept a TOK_ID instead of TOK_DIGITS, which it should be. - * once the old rules and old scanning is ripped out this scanner rule - * should be activated and the corresponding rule in the grammar should - * be updated to use TOK_DIGITS - * {key_capability} { return(TOK_KEY_CAPABILITY); } - */ +{key_capability} { return(TOK_KEY_CAPABILITY); } {key_capname} { return(TOK_KEY_CAPNAME); } {key_offset} { return(TOK_KEY_OFFSET); } {key_target} { return(TOK_KEY_TARGET); } @@ -371,8 +277,6 @@ yy_flex_debug = 0; {syslog_time} { yylval->t_str = strdup(yytext); BEGIN(hostname); return(TOK_DATE_TIME); } {audit} { yy_push_state(audit_id, yyscanner); return(TOK_AUDIT); } -{null_complain} { return(TOK_NULL_COMPLAIN); } -{key_image} { BEGIN(sub_id); return(TOK_KEY_IMAGE); } . { /* ignore any non-matched input */ BEGIN(unknown_message); yyless(0); } diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_01.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_01.out index cf0006b0e..40ba483a6 100644 --- a/libraries/libapparmor/testsuite/test_multi/old_style_log_01.out +++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_01.out 
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_01.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1157215966.604:46
-Operation: access
-Mask: r
-Profile: /usr/sbin/httpd2-prefork
-Name: /bin/df
-Info: sh
-PID: 7902
-Active hat: SYSINFO
+Operation: APPARMOR
+Info: REJECTING r access to /bin/df (sh(7902) profile /usr/sbin/httpd2-prefork active SYSINFO)
 Epoch: 1157215966
 Audit subid: 46
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_02.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_02.out
index 9a2aed1dd..5ca4a9244 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_02.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_02.out
@@ -1,13 +1,7 @@
 START
 File: test_multi/old_style_log_02.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: access
-Mask: r
-Profile: /bin/freak-aa-out
-Name: /bin/freak-aa-out
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Info: REJECTING r access to /bin/freak-aa-out (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_03.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_03.out
index c02ad681a..e169373d2 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_03.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_03.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_03.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1173790298.651:1662
-Operation: syscall
-Profile: /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_ptrace
-Name: ptrace
-Info: syscall_ptrace
-PID: 25210
-Active hat: /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_ptrace
+Operation: APPARMOR
+Info: REJECTING access to syscall 'ptrace' (syscall_ptrace(25210) profile /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_ptrace active /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_ptrace)
 Epoch: 1173790298
 Audit subid: 1662
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_04.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_04.out
index bad60cb8d..2a3925f0b 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_04.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_04.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_04.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1177962395.525:1837
-Mask: l
-Profile: /home/steve/svn/apparmor-forge/tests/regression/subdomain/link
-Name: /tmp/sdtest.3676-13458-it3683/target
-Name2: /tmp/sdtest.3676-13458-it3683/src
-Info: link
-PID: 3823
-Active hat: /home/steve/svn/apparmor-forge/tests/regression/subdomain/link
+Operation: APPARMOR
+Info: REJECTING link access from /tmp/sdtest.3676-13458-it3683/target to /tmp/sdtest.3676-13458-it3683/src (link(3823) profile /home/steve/svn/apparmor-forge/tests/regression/subdomain/link active /home/steve/svn/apparmor-forge/tests/regression/subdomain/link)
 Epoch: 1177962395
 Audit subid: 1837
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_05.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_05.out
index f30447bbb..9d84ec3c7 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_05.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_05.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_05.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: access
-Mask: r
-Profile: /bin/freak-aa-out
-Name: /bin/freak-aa-out
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: REJECTING r access to /bin/freak-aa-out (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_06.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_06.out
index 6a077bc61..abc64465c 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_06.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_06.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_06.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: mkdir
-Profile: /bin/freak-aa-out
-Name: /path/to/something
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: REJECTING mkdir on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_07.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_07.out
index 376aef7b8..9c8885f2d 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_07.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_07.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_07.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: xattr
-Profile: /bin/freak-aa-out
-Name: /path/to/something
-Attribute: set
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: REJECTING xattr set on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_08.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_08.out
index a59b87a75..1878d2889 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_08.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_08.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_08.in
-Event type: AA_RECORD_ALLOWED
+Event type: AA_RECORD_INVALID
 Audit ID: 1168662182.495:58
-Operation: access
-Mask: r
-Profile: /home/matt/projects/change_hat_test/test_hat
-Name: /home/matt/projects/change_hat_test/test
-Info: test_hat
-PID: 27871
-Active hat: null-complain-profile
+Operation: APPARMOR
+Info: PERMITTING r access to /home/matt/projects/change_hat_test/test (test_hat(27871) profile /home/matt/projects/change_hat_test/test_hat active null-complain-profile)
 Epoch: 1168662182
 Audit subid: 58
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_09.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_09.out
index e92dcf6bf..4de264d30 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_09.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_09.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_09.in
-Event type: AA_RECORD_ALLOWED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: rmdir
-Profile: /bin/freak-aa-out
-Name: /path/to/something
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: PERMITTING rmdir on /path/to/something (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_10.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_10.out
index 74d05f3c4..a7d30d834 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_10.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_10.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_10.in
-Event type: AA_RECORD_ALLOWED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: setattr
-Profile: /bin/freak-aa-out
-Name: /else
-Attribute: something
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: PERMITTING attribute (something) change to /else (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_11.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_11.out
index 45f0b9d08..20ce53fb8 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_11.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_11.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_11.in
-Event type: AA_RECORD_ALLOWED
+Event type: AA_RECORD_INVALID
 Audit ID: 1167188680.127:54
-Operation: capability
-Profile: /bin/freak-aa-out
-Name: cap
-Info: bash
-PID: 23415
-Active hat: /bin/freak-aa-out
+Operation: APPARMOR
+Info: PERMITTING access to capability 'cap' (bash(23415) profile /bin/freak-aa-out active /bin/freak-aa-out)
 Epoch: 1167188680
 Audit subid: 54
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_12.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_12.out
index 707ae6893..68c2f4150 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_12.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_12.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_12.in
-Event type: AA_RECORD_ALLOWED
+Event type: AA_RECORD_INVALID
 Audit ID: 1201615421.935:4837
-Mask: l
-Profile: null-complain-profile
-Name: /home/jj/.fonts.cache-2.LCK
-Name2: /home/jj/.fonts.cache-2.TMP-IyT7AP
-Info: firefox-bin
-PID: 16844
-Active hat: null-complain-profile
+Operation: APPARMOR
+Info: PERMITTING link access from /home/jj/.fonts.cache-2.LCK to /home/jj/.fonts.cache-2.TMP-IyT7AP (firefox-bin(16844) profile null-complain-profile active null-complain-profile)
 Epoch: 1201615421
 Audit subid: 4837
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_13.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_13.out
index 57a96145b..7415791c8 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_13.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_13.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_13.in
-Event type: AA_RECORD_DENIED
+Event type: AA_RECORD_INVALID
 Audit ID: 1173790298.983:1669
-Operation: syscall
-Profile: /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_sysctl
-Name: sysctl (write)
-Info: syscall_sysctl
-PID: 25423
-Active hat: /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_sysctl
+Operation: APPARMOR
+Info: REJECTING access to syscall 'sysctl (write)' (syscall_sysctl(25423) profile /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_sysctl active /home/steve/svn/trunk-forge/tests/regression/subdomain/syscall_sysctl)
 Epoch: 1173790298
 Audit subid: 1669
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_14.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_14.out
index 09cd86fbd..8b870bbff 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_14.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_14.out
@@ -1,13 +1,8 @@
 START
 File: test_multi/old_style_log_14.in
-Event type: AA_RECORD_AUDIT
+Event type: AA_RECORD_INVALID
 Audit ID: 1177962426.395:2107
-Operation: access
-Mask: mr
-Profile: /home/steve/svn/apparmor-forge/tests/regression/subdomain/changehat_wrapper
-Name: /lib/ld-2.4.so
-Info: open
-PID: 7139
-Active hat: open
+Operation: APPARMOR
+Info: AUDITING mr access to /lib/ld-2.4.so (open(7139) profile /home/steve/svn/apparmor-forge/tests/regression/subdomain/changehat_wrapper active open)
 Epoch: 1177962426
 Audit subid: 2107
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_15.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_15.out
index 66c046a52..d89c63e68 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_15.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_15.out
@@ -1,11 +1,8 @@
 START
 File: test_multi/old_style_log_15.in
-Event type: AA_RECORD_HINT
+Event type: AA_RECORD_INVALID
 Audit ID: 1168661976.062:55
-Operation: clone
-Profile: /home/matt/projects/change_hat_test/test_hat
-Task: 38229
-PID: 27764
-Active hat: /home/matt/projects/change_hat_test/test_hat
+Operation: APPARMOR
+Info: LOGPROF-HINT fork pid=27764 child=38229 profile=/home/matt/projects/change_hat_test/test_hat active=/home/matt/projects/change_hat_test/test_hat
 Epoch: 1168661976
 Audit subid: 55
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_16.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_16.out
index ce1757410..409cc93f9 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_16.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_16.out
@@ -1,9 +1,8 @@
 START
 File: test_multi/old_style_log_16.in
-Event type: AA_RECORD_HINT
+Event type: AA_RECORD_INVALID
 Audit ID: 1168661976.062:55
-Operation: clone
-Task: 38229
-PID: 27764
+Operation: APPARMOR
+Info: LOGPROF-HINT fork pid=27764 child=38229
 Epoch: 1168661976
 Audit subid: 55
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_17.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_17.out
index 4a3329100..eb31d70b7 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_17.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_17.out
@@ -1,8 +1,8 @@
 START
 File: test_multi/old_style_log_17.in
-Event type: AA_RECORD_HINT
+Event type: AA_RECORD_INVALID
 Audit ID: 1164007073.953:518
-Profile: null-complain-profile
-PID: 29420
+Operation: APPARMOR
+Info: LOGPROF-HINT changing_profile pid=29420
 Epoch: 1164007073
 Audit subid: 518
diff --git a/libraries/libapparmor/testsuite/test_multi/old_style_log_18.out b/libraries/libapparmor/testsuite/test_multi/old_style_log_18.out
index 9f0e88bb3..a67fdfd3c 100644
--- a/libraries/libapparmor/testsuite/test_multi/old_style_log_18.out
+++ b/libraries/libapparmor/testsuite/test_multi/old_style_log_18.out
@@ -1,12 +1,8 @@
 START
 File: test_multi/old_style_log_18.in
-Event type: AA_RECORD_HINT
+Event type: AA_RECORD_INVALID
 Audit ID: 1168661976.062:55
-Operation: change_hat
-Profile: /home/matt/projects/change_hat_test/test_hat
-Name: TESTHAT
-Info: unknown_hat
-PID: 27764
-Active hat: /home/matt/projects/change_hat_test/test_hat
+Operation: APPARMOR
+Info: LOGPROF-HINT unknown_hat TESTHAT pid=27764 profile=/home/matt/projects/change_hat_test/test_hat active=/home/matt/projects/change_hat_test/test_hat
 Epoch: 1168661976
 Audit subid: 55