Merge remote-tracking branch 'origin/master'

author: grothedev <grothedev@gmail.com> 2025-06-08 01:31:22 -0500
committer: grothedev <grothedev@gmail.com> 2025-06-08 01:31:22 -0500
commit: c104bdc43b18b3ba81ce57393f248dcc5066af85 (patch)
tree: 1393991349e474a42be775af6c2124dc819848c3 /bpftrace-execve-2args
parent: b10ec2b1c75bf04649c0cd93f3e3eb649424756a (diff)
parent: 2c056803a8e50f4960bbc4592d67b4bf12efa32d (diff)
1 files changed, 1 insertions, 0 deletions
diff --git a/bpftrace-execve-2args b/bpftrace-execve-2args
new file mode 100644
index 0000000..aa6d3b8
--- /dev/null
+++ b/bpftrace-execve-2args
@@ -0,0 +1 @@
+sudo bpftrace -e 'tracepoint:syscalls:sys_enter_execve { printf("PID: %d, UID: %d, CMD: %s, TIME: %u, FILE: %s, ARGS: %s %s\n", pid,  uid, comm, nsecs, str(args->filename), str(args->argv[1]), str(args->argv[2]) ); }'
author	grothedev <grothedev@gmail.com>	2025-06-08 01:31:22 -0500
committer	grothedev <grothedev@gmail.com>	2025-06-08 01:31:22 -0500
commit	c104bdc43b18b3ba81ce57393f248dcc5066af85 (patch)
tree	1393991349e474a42be775af6c2124dc819848c3 /bpftrace-execve-2args
parent	b10ec2b1c75bf04649c0cd93f3e3eb649424756a (diff)
parent	2c056803a8e50f4960bbc4592d67b4bf12efa32d (diff)