On Thu, Jul 03, 2003 at 12:07:14PM +0300, [EMAIL PROTECTED] wrote: > > http://syscalltrack.sf.net > > Thanks. Sounds like just what I was after, including a Debian > package.
The debian package is badly out of date... I really recommend
compiling from source.
> For instance, from reading the docs of syscalltrack all I'll have
> to do is to configure it with:
>
> rule {
> syscall_name = execle
> when = before
> action { type = LOG }
> }
>
> And get exactly what I want (hmmm, lots of shell/perl hacking on the output,
> yummi yummi....:)
You can also set the log format, to make it easier for you to parse.
--
Muli Ben-Yehuda
http://www.mulix.org
http://www.livejournal.com/~mulix/
pgp00000.pgp
Description: PGP signature
