how to tell what ran what
brian at planetshwoop.com
Wed Feb 15 12:44:37 PST 2006
Glenn McCalley wrote:
> ----- Original Message -----
> From: "Björn König" <bkoenig at cs.tu-berlin.de>
> To: "Glenn McCalley" <techlist at bnetmd.net>
> Cc: <freebsd-questions at freebsd.org>
> Sent: Wednesday, February 15, 2006 11:13 AM
> Subject: Re: how to tell what ran what
>> Glenn McCalley schrieb:
>> > Is there a way to find out -which- -process- calls another process?
>> Each process is associated with a parent; look at the ppid column:
>> ps axo user,pid,ppid,command
> Thanks, I stated the question poorly. My fault.
> Is historical info available and is it available by file name?
> I trying to find out (for example) what (unknown) program ran another
> (known) program between 0900 and 1000 yesterday - something like that.
> I've got a customer sending our emails that he shouldn't - I don't know
> which customer it is. The program that sends the mail is running as a cgi
> so it all shows up as user "nobody".
> If I can get a list of what programs, path and file name, called sendmail
> over (say) the last 24 hours, one of them should jump off the page with an
> unreasonable level of activitiy.
The web server logs don't tell you anything in the URL data? A CGI script
usually has some parameters which might provide some assistance.
More information about the freebsd-questions