Autrace - Tool to check, count and monitor Linux processes
Many people still do not know what Autrace is. TipsMake shares the information you need to know about Autrace in the article below.
What is Autrace?
Autrace is a utility that runs a process and, by adding audit rules, saves the process's audit information in the file /var/log/audit/audit.log.
Before autrace will work, you first need to delete all existing audit rules.
Syntax for using autrace
# autrace [-r] program program-args
If any audit rules are loaded, autrace will show an error, for example:
On CentOS:
# autrace /usr/bin/df
On Debian:
# autrace /bin/df
First you need to delete all audit rules using the following command:
# auditctl -D
You can then run autrace with the program you want. In this example, we watch the execution of the df command, which shows filesystem usage.
On CentOS:
# autrace /usr/bin/df -h
On Debian:
# autrace /bin/df -h
Once the trace completes, you can find all of its log entries in the log file with the ausearch utility, using the process ID that autrace reports, as follows.
On CentOS:
# ausearch -i -p 2658
Where:
-i : Enables interpretation of numeric values into text
-p : The process ID to search for
On Debian:
# ausearch -i -p 6796
To output a detailed report, you can build a command that combines ausearch and aureport as follows:
On CentOS:
# ausearch -p 2678 --raw | aureport -i -f
Where:
--raw : Tells ausearch to send its output in raw form to aureport
-f : Allows reporting on files as well as af_unix sockets
-i : Enables interpretation of numeric values into text
On Debian:
# ausearch -p 6796 --raw | aureport -i -f
You can also use the -r option to limit the syscalls collected to those needed for analyzing the resource usage of the df process.
On CentOS:
# autrace -r /usr/bin/df -h
On Debian:
# autrace -r /bin/df -h
If you have been tracing a program over the past week, a lot of information has gone into the audit logs. To generate a report that only covers events that happened today, you can use ausearch's -ts flag to specify the time from which to start searching:
On CentOS:
# ausearch -ts today -p 2768 --raw | aureport -i -f
On Debian:
# ausearch -ts today -p 6796 --raw | aureport -i -f
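The steps above combined into one script, as an added example that is not part of the original article: it saves the loaded audit rules before auditctl -D removes them, runs autrace, reads the PID from autrace's closing line and prints today's file report. The function names, the constructed sample output and the assumption that auditctl -l output can be reloaded with auditctl -R belong to this example only.

```shell
#!/bin/sh
# Added example; function names are hypothetical. Needs root + audit tools.

# Read autrace output on stdin and print the PID from its closing line
# (format assumed: "... 'ausearch -i -p <pid>'").
pid_from_autrace() {
    sed -n 's/.*ausearch -i -p \([0-9][0-9]*\).*/\1/p' | tail -n 1
}

# Constructed sample of autrace output, for checking the parser offline.
sample_autrace_output() {
    cat <<'EOF'
Waiting to execute: /bin/df
Filesystem     1K-blocks    Used Available Use% Mounted on
/dev/sda1       41152736 9812344  29226860  26% /
Cleaning up...
Trace complete. You can locate the records with 'ausearch -i -p 6796'
EOF
}

# Trace "$@" and print today's file report for the traced process.
trace_and_report() {
    backup=$(mktemp) || return 1
    # Keep a copy of the loaded rules: auditctl -D removes all of them.
    auditctl -l | grep -v '^No rules' > "$backup"
    auditctl -D >/dev/null || { rm -f "$backup"; return 1; }
    # Show the trace output on stderr while capturing the PID.
    pid=$(autrace "$@" | tee /dev/stderr | pid_from_autrace)
    # Assumption: "auditctl -l" output is in a form "auditctl -R" accepts.
    if [ -s "$backup" ]; then auditctl -R "$backup" >/dev/null; fi
    rm -f "$backup"
    [ -n "$pid" ] || { echo "no PID found in autrace output" >&2; return 1; }
    ausearch -ts today -p "$pid" --raw | aureport -i -f
}

# Usage: sh trace.sh /bin/df -h
if [ "$#" -gt 0 ]; then trace_and_report "$@"; fi
```

On a host that relies on audit rules for monitoring, no rules are loaded between auditctl -D and the reload, so keep the traced command short.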
That's all the basics you can use to control, monitor and track a Linux process using autrace. For more details, you can read the man pages.
According to TipsMake share