0

I'm writing a Python script in which I would like to listen for when a process executes on my machine. From what I can tell, the Linux kernel has support for this with CONFIG_PROC_EVENTS enabled. This answer and the contained links have been very helpful to confirm this.

Unfortunately, I cannot find any python libraries that support this feature (or I am missing it in the documentation) - I've looked at psutil, python-proc, as well as butter, but cannot seem to find anything that will allow me to detect exec events. Is there a solution in Python that works without polling? If so, what would it look like?

Community
  • 1
  • 1
Wulfsta
  • 1
  • 2
  • You may be able to use the low-level [`socket`](https://docs.python.org/2/library/socket.html) module to replicate the code in the linked answer. – augurar Mar 16 '17 at 07:32
  • Also related: https://stackoverflow.com/questions/4676866/how-can-i-use-a-netlink-socket-to-data-from-kernel-space-in-python – augurar Mar 16 '17 at 07:41

0 Answers0