summaryrefslogtreecommitdiff
path: root/bpftrace-execve
blob: 983aa7670cebaf20e7e414eaef8995d3cb8ad000 (plain) 
1

sudo bpftrace -e 'tracepoint:syscalls:sys_enter_execve { printf("PID: %d, UID: %d, CMD: %s, TIME: %u, FILE: %s\n", pid,  uid, comm, nsecs, str(args->filename)); }'
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-31 09:24:31 +0000