authorgrothedev <grothedev@gmail.com>2025-03-20 22:24:06 -0500
committergrothedev <grothedev@gmail.com>2025-03-20 22:24:06 -0500
commit63ee981b6b6f81cdd7bbad31a938b52e401c1548 (patch)
treec4a83217f3fb322b9361d7fcdddd969a29fa20b6 /bpftrace-execve-2args
parent221e6f10eb345caa079014c48340d713ad05d9d7 (diff)
more bpftrace prOGROMs
Diffstat (limited to 'bpftrace-execve-2args')
-rw-r--r--bpftrace-execve-2args1
1 files changed, 1 insertions, 0 deletions
diff --git a/bpftrace-execve-2args b/bpftrace-execve-2args
new file mode 100644
index 0000000..aa6d3b8
--- /dev/null
+++ b/bpftrace-execve-2args
@@ -0,0 +1 @@
+sudo bpftrace -e 'tracepoint:syscalls:sys_enter_execve { printf("PID: %d, UID: %d, CMD: %s, TIME: %u, FILE: %s, ARGS: %s %s\n", pid, uid, comm, nsecs, str(args->filename), str(args->argv[1]), str(args->argv[2]) ); }'
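Review bot: The printf records only `argv[1]` and `argv[2]`, so everything from the third argument on never reaches the output, and each `str()` is cut at bpftrace's string length limit; as an exec audit trail this leaves long command lines unrecorded. Printing the fixed fields and then the whole vector keeps more of it (join has its own limits, but is not fixed at two arguments): `printf("PID: %d, UID: %d, CMD: %s, TIME: %u, FILE: %s, ARGS: ", pid, uid, comm, nsecs, str(args->filename)); join(args->argv);`. A comment above the command would also help, since `comm` at `sys_enter_execve` is the calling process's name rather than the program being started, and the entry tracepoint fires for failed execs as well: `# CMD is the caller's comm; events are exec attempts, not only successes`.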