EVENT-VIEWER(8)
=============
Michael Gebetsroither <gebi@grml.org>


NAME
----
event-viewer - program to see all fork/exec/exit/uid/gid events on a running system


SYNOPSIS
--------
*event-viewer*


DESCRIPTION
-----------
*event-viewer* uses the new netlink/fork connector interface from linux >=2.6.15.
event-viewer thus receives all fork/exec/exit/uid/gid events.


KERNEL REQUIREMENTS
-------------------
linux version >=2.6.15.

The following kernel options should be set to be able to use event-viewer.

It is *NOT* sufficed to set the options to m (module) - they have to be compiled into the kernel.
..................
#
# Connector - unified userspace <-> kernelspace linker
#
CONFIG_CONNECTOR=y
CONFIG_PROC_EVENTS=y
..................

EXAMPLES
--------
as root: nice -n -10 event-viewer


SEE ALSO
--------
sh-wrapper(8)
