38 points | by signa11 8 hours ago ago
2 comments
Neat, though I'm guessing it's pretty slow.
Tip for anyone reading: If you only need to trace file accesses or command executions, `eslogger lookup` and `eslogger exec` respectively will give you what you need (albeit in the form of a not-particularly-friendly JSON blob).
Modulo I haven’t tried it yet it’s been an irritant that SIP broke tracing so this is a welcome development, thank you.
Neat, though I'm guessing it's pretty slow.
Tip for anyone reading: If you only need to trace file accesses or command executions, `eslogger lookup` and `eslogger exec` respectively will give you what you need (albeit in the form of a not-particularly-friendly JSON blob).
Modulo I haven’t tried it yet it’s been an irritant that SIP broke tracing so this is a welcome development, thank you.