This is the mail archive of the systemtap@sourceware.org mailing list for the systemtap project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Would it be helpful to post some sample scripts that do useful work?This one breaks on my system.
Here's a one-liner:
stap -e 'probe kernel.function("sys_open") {print(execname()."[".string(pid())."]"." opened ".$filename)}'
And here's a version of shellsnoop:
------------------------------------- global pids
probe kernel.function("do_execve") { if (execname() == "bash" || execname() == "sh" || execname == "tcsh") { print("user= ".string(uid())."\tpid= ".string(pid())."\tppid= ".string(ppid())."\texec ".$filename) pids[pid()] = 1 } }
---------------------------------------
-- Kevin Stafford DES 2 | MS 2M3 Beaverton - OR Linux Technology Center IBM Systems & Technology Phone: 1-503-578-3039 Email: kevinrs@us.ibm.com
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |