Server : Apache System : Linux server2.corals.io 4.18.0-348.2.1.el8_5.x86_64 #1 SMP Mon Nov 15 09:17:08 EST 2021 x86_64 User : corals ( 1002) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system Directory :  /opt/rh/gcc-toolset-11/root/usr/share/systemtap/examples/process/

Upload File : current_dir [ Writeable ] document_root [ Writeable ]

title: Generate backtraces for kernel audit events
name: auditbt.stp
keywords: monitoring security backtrace
subsystem: process
scope: system-wide
description: Attaches to the kernel audit-log paths (also used by libaudit), and log every record being sent, along with a user-space backtrace of the process that caused it.
test_check: stap -p4 auditbt.stp
test_installcheck: stap auditbt.stp -d /usr/bin/sudo --ldd -c "sudo true"