Linux: Tool to monitor every process, execute-command, shortly, monitor what's happening at the moment

Possible Duplicate:
How can I log all process launches in Linux

Hello,
due to a freeze problem of my Ubuntu 10.10 (it is not isolatable) I though about logging every executable of the kernel somehow in any file to see what happens last when a freeze occures the next time to not lose valuable information.
I found acct but this is obviously not what I'm looking for. Actually it logs just user commands and those things. I need something which logs in a much "deeper" level. The best would be some kind of script which records every interrupt. Does anybody know some tool like that?

Bevor

Posted 2010-12-17T18:19:18.930

Reputation: 307

Audit subsystem. – Ignacio Vazquez-Abrams – 2010-12-17T18:27:18.830

i.e. start with http://superuser.com/questions/222912/how-can-i-log-all-process-launches-in-linux

– Gilles 'SO- stop being evil' – 2010-12-18T00:32:46.440

Maybe you can get a kernel core dump. See also CrashdumpRecipe and other Ubuntu kernel debugging topics.

– Gilles 'SO- stop being evil' – 2010-12-18T00:36:28.123

Thanks Gilles, this is what I'm looking for. Can you post is as answer, so I can check it answered. – Bevor – 2010-12-18T09:32:27.430

Answers

Gilles' comment was the solution:

Maybe you can get a kernel core dump. See also CrashdumpRecipe and other Ubuntu kernel debugging topics.

Bevor

Posted 2010-12-17T18:19:18.930

Reputation: 307

You might try a 'ps' -aux that will list all processes running on the system at a point in time. You could put it into a shell script to iteratively run over time, probably with a sleep in between iterations. A 'top' runs continuously and lists the largest users of system resources. It also has flags that can tailor its output (man top or man ps)

Alan

apolinsky

Posted 2010-12-17T18:19:18.930

Reputation: 111

ps is not low level enough. AFAIK it is not possible to get kernel interrupts with it. I will get auditd a try. – Bevor – 2010-12-18T09:18:55.330