Skip to content

Cybereason/linux_plumber

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

18 Commits
 
 
 
 
 
 
 
 

Repository files navigation

Plumber (for Linux)

Written by Amit Serper of Cybereason.

Plumber is a python wrapped ftrace utility to trace various process events (currently supoports fork/execve/process termination). My goal was to provide a comfortable pythonic way of tracking short-lived process execution on Linux. Plumber is inspired by Brandan Gregg's amazing work and tools.

Current features (v 0.1):

  • execve() calling
  • fork() calling
  • Process termination
  • Dazzling colour support

Prerequisites

  • The colored python module
  • You need to have ftrace support in your kernel - cat /proc/sys/kernel/ftrace_enabled.

Usage

  • Run as root (in order to access the trace pipe) - python plumber.py
  • Kick back and enjoy :)

Licensing:

Plumber is licensed under the AGPL license. Please see LICENSE.MD file for more details.

About

A python implementation of a grep friendly ftrace wrapper

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages