Last active
September 28, 2015 22:00
-
-
Save hartmantis/420cedaffd88542cb959 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| A simple `ls` command. | |
| Auditd: | |
| type=SYSCALL msg=audit(1443472662.093:768): arch=c000003e syscall=59 success=yes exit=0 a0=100f788 a1=ef0688 a2=fe0808 a3=7fff2f4cc550 items=2 ppid=18368 pid=19531 auid=900 uid=900 gid=900 euid=900 suid=900 fsuid=900 egid=900 sgid=900 fsgid=900 ses=5 tty=pts1 comm="ls" exe="/bin/ls" key=(null) | |
| type=EXECVE msg=audit(1443472662.093:768): argc=2 a0="ls" a1="--color=auto" | |
| type=CWD msg=audit(1443472662.093:768): cwd="/home/vagrant" | |
| type=PATH msg=audit(1443472662.093:768): item=0 name="/bin/ls" inode=1308212 dev=fc:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL | |
| type=PATH msg=audit(1443472662.093:768): item=1 name=(null) inode=2093204 dev=fc:00 mode=0100755 ouid=0 ogid=0 rdev=00:00 nametype=NORMAL | |
| </code> | |
| Snoopy: | |
| Sep 28 20:40:09 vagrant snoopy[19699]: [uid:900 sid:19684 tty:/dev/pts/1 cwd:/home/vagrant filename:/bin/ls]: ls --color=auto |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment