This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/env stap | |
global allowed_ttys; //holds a list of processes allowed to generate ttys | |
probe begin | |
{ | |
println("Tracking spawned TTYs..."); | |
allowed_ttys["sshd"] <<<1; | |
allowed_ttys["gnome-pty-helpe"] <<<1; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
probe begin | |
{ | |
println("Tracking spawned TTYs..."); | |
} | |
probe tty.init | |
{ | |
printf("%15s %5d %15s %5d \n", ctime(gettimeofday_s()), uid(), execname(), pid()); | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
for i in {1..10}; do ping -c1 google.com; sleep 4; done |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/env stap | |
/* | |
/\ \ /\ \__ | |
\ \ \____ __ __ ___ ___ ___ __ \ \ ,_\ ___ _ __ | |
\ \ '__`\ /'__`\ /'__`\ /'___\ / __`\ /' _ `\ /'__`\ \ \ \/ / __`\/\`'__\ | |
\ \ \L\ \/\ __//\ \L\.\_/\ \__//\ \L\ \/\ \/\ \/\ \L\.\_\ \ \_/\ \L\ \ \ \/ | |
\ \_,__/\ \____\ \__/.\_\ \____\ \____/\ \_\ \_\ \__/.\_\\ \__\ \____/\ \_\ | |
\/___/ \/____/\/__/\/_/\/____/\/___/ \/_/\/_/\/__/\/_/ \/__/\/___/ \/_/ | |
*/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#! /usr/bin/env stap | |
probe udp.sendmsg{ | |
printf("%15s %15s %15s %5d %5d %15s UDP\n", ctime(gettimeofday_s()), saddr, daddr, sport, dport, execname()) | |
} |