Sindbad~EG File Manager
#!/usr/bin/stap
#
# This is a stap script to monitor process creations (fork(), exec()'s).
# Based on stap script found: http://picobot.org/wordpress/?p=27
# With some minor modifications (i.e. timestamping)
#
# Usage: stap forktracker.stp
#
# Sample output:
#
# timestamp: process_name (pid) new_pid
#
# Version 0.1
probe kprocess.create {
printf("%-25s: %s (%d:%d) created %d:%d\n",
ctime(gettimeofday_s()), execname(), pid(), tid(), new_pid, new_tid)
}
probe kprocess.exec {
printf("%-25s: %s (%d) is exec'ing %s\n",
ctime(gettimeofday_s()), execname(), pid(), filename)
}
Sindbad File Manager Version 1.0, Coded By Sindbad EG ~ The Terrorists