diff options
| author | Leah Neukirchen <leah@vuxu.org> | 2019-11-30 23:36:34 +0100 |
|---|---|---|
| committer | Leah Neukirchen <leah@vuxu.org> | 2019-11-30 23:36:34 +0100 |
| commit | f02ef88edf617245cbd33813561b46ccadcabfb3 (patch) | |
| tree | 51587825b1cc630e9c6b48d452af2d2b8aa7b5e0 | |
| parent | 185a7d1d4860f5dcbe2fd5bfdd66b7341fecc7a2 (diff) | |
| download | extrace-f02ef88edf617245cbd33813561b46ccadcabfb3.tar.gz extrace-f02ef88edf617245cbd33813561b46ccadcabfb3.tar.xz extrace-f02ef88edf617245cbd33813561b46ccadcabfb3.zip | |
extrace-bpf: don't lose first event
| -rwxr-xr-x | extrace-bpf | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/extrace-bpf b/extrace-bpf index 4658cc7..d72f847 100755 --- a/extrace-bpf +++ b/extrace-bpf @@ -6,6 +6,9 @@ require 'etc' # TODO: -p / cmd... (how?) BPF = <<'EOF' +BEGIN { + printf("SEP2\n"); +} tracepoint:syscalls:sys_enter_execve { printf("%ld +%d %d", elapsed, pid, uid); join(args->argv, "SEP1"); |