A python implementation of a grep friendly ftrace wrapper
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Permalink
Failed to load latest commit information.
LICENSE.md
README.md
plumber.py

README.md

Plumber (for Linux)

Written by Amit Serper of Cybereason.

Plumber is a python wrapped ftrace utility to trace various process events (currently supoports fork/execve/process termination). My goal was to provide a comfortable pythonic way of tracking short-lived process execution on Linux. Plumber is inspired by Brandan Gregg's amazing work and tools.

Current features (v 0.1):

  • execve() calling
  • fork() calling
  • Process termination
  • Dazzling colour support

Prerequisites

  • The colored python module
  • You need to have ftrace support in your kernel - cat /proc/sys/kernel/ftrace_enabled.

Usage

  • Run as root (in order to access the trace pipe) - python plumber.py
  • Kick back and enjoy :)

Licensing:

Plumber is licensed under the AGPL license. Please see LICENSE.MD file for more details.