execsnoop.py - OpenGrok cross reference for /external/bcc/tools/execsnoop.py

Lines Matching full:execsnoop

4 # execsnoop Trace new processes via exec() syscalls.
7 # USAGE: execsnoop [-h] [-T] [-t] [-x] [-q] [-n NAME] [-l LINE]
51     ./execsnoop           # trace all exec() syscalls
52     ./execsnoop -x        # include failed exec()s
53     ./execsnoop -T        # include time (HH:MM:SS)
54     ./execsnoop -U        # include UID
55     ./execsnoop -u 1000   # only trace UID 1000
56     ./execsnoop -u user   # get user UID and trace only them
57     ./execsnoop -t        # include timestamps
58     ./execsnoop -q        # add "quotemarks" around arguments
59     ./execsnoop -n main   # only print command lines containing "main"
60     ./execsnoop -l tpkg   # only print command where arguments contains "tpkg"
61     ./execsnoop --cgroupmap mappath  # only trace cgroups in this BPF map
62     ./execsnoop --mntnsmap mappath   # only trace mount namespaces in the map