search

0b01 / tail2

https://tail2.com
2 stars 1 forks source link

Listen for new execve calls, add proc map info #4

Open 0b01 opened 2 years ago

0b01 commented 2 years ago

https://github.com/iovisor/bcc/blob/master/tools/execsnoop.py#L216

0b01 commented 2 years ago

alternatively, refresh pid table on a 1s inteval.

0b01 commented 2 years ago

done

0b01 commented 2 years ago

need to figure out caching

0b01 commented 2 years ago

and module loads