Diffstat (limited to 'bpftrace-execve')
-rw-r--r--bpftrace-execve1
1 files changed, 1 insertions, 0 deletions
diff --git a/bpftrace-execve b/bpftrace-execve
new file mode 100644
index 0000000..983aa76
--- /dev/null
+++ b/bpftrace-execve
@@ -0,0 +1 @@
+sudo bpftrace -e 'tracepoint:syscalls:sys_enter_execve { printf("PID: %d, UID: %d, CMD: %s, TIME: %u, FILE: %s\n", pid, uid, comm, nsecs, str(args->filename)); }'
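Review bot: The `CMD: %s` field is filled from `comm`, which at `sys_enter_execve` is still the name of the calling process (typically the shell), so the log labels the caller as the command and only `str(args->filename)` identifies what is actually being run. For an audit trail the arguments matter as well: adding `join(args->argv);` after the `printf` would record them, and a matching probe on `tracepoint:syscalls:sys_enter_execveat` would cover the other exec entry point, which this one-liner does not see. `str()` is bounded by bpftrace's string length limit (64 bytes by default, as far as I know), so long paths may be cut short in the output. `nsecs` is a nanosecond count since boot rather than wall-clock time, which makes correlation with other logs harder; a `time("%H:%M:%S ")` call before the `printf`, or a 64-bit specifier in place of `%u`, would be clearer.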