:: Re: [DNG] Track process start / sto…
Página superior
Este mensaje es parte del siguiente hilo:
MEl árbol completo de hilos, ordenados por fecha
MAntony Stone, mensaje del <-
MAntony Stone, mensaje del ->
Eliminar este mensaje
Responder a este mensaje
Autor: Tomasz Torcz
Fecha:  
A: dng
Asunto: Re: [DNG] Track process start / stop?
On Thu, Jan 06, 2022 at 11:51:09AM +0100, Antony Stone wrote:
> Hi.
>
> I'm wondering whether there is any way of getting a list or log file of
> processes which get started and terminated, independently of whether those
> processes themselves actually do any logging.
>
>
> I'm wondering whether there's a logging option buried in whichever part of the
> system assigns and recovers process IDs as things get started and stopped,
> perhaps?

There is audit exactly for that purpose. Something like

auditctl -a task,always
ausearch -i -sc execve

should get you started. 

 Another option could be execsnoop
 (https://github.com/iovisor/bcc/blob/master/tools/execsnoop.py)
-- 
Tomasz Torcz                                                       72->|   80->|
tomek@???                                               72->|   80->|


Este mensaje se envió a las siguientes listas de correo:
dng
Información de la lista de correo | Mensajes cercanos		<-[DNG] Track process start / stop?Re: [DNG] Track process start / stop?->

Donate to Dyne.org

dyne.org open discussions
administrado por dyne.org hackers		Lurker (versión 2.3)