Tutorials Point

Google
Web This Site

  Unix for Beginners

  Unix Shell Programming

  Advanced Unix

  Unix Useful References

  Unix Useful Resources

  Selected Reading


Copyright © 2014 by tutorialspoint

  Home     References     Discussion Forums     About TP  

autrace - Unix, Linux Command

previous next AddThis Social Bookmark Button

Advertisements

NAME

autrace - a program similar to strace

SYNOPSIS

autrace program [-r] [program-args]...

DESCRIPTION

autrace is a program that will add the audit rules to trace a process similar to strace. It will then execute the program passing arguments to it. The resulting audit information will be in the audit logs if the audit daemon is running or syslog. This command deletes all audit rules prior to executing the target program and after executing it. As a safety precaution, it will not run unless all rules are deleted with auditctl prior to use.

OPTIONS

TagDescription
-r Limit syscalls collected to ones needed for analyzing resource usage. This could help people doing threat modeling. This saves space in logs.

EXAMPLES

The following illustrates a typical session: 

autrace /bin/ls /tmp 
ausearch --start recent -p 2442 -i

and for resource usage mode: 

autrace -r /bin/ls 
ausearch --start recent -p 2450 --raw | aureport --file --summary 
ausearch --start recent -p 2450 --raw | aureport --host --summary

SEE ALSO

AUTHOR

Steve Grubb
previous next Printer Friendly
Advertisements

  

Advertisements