0
I know there is a process called blt.pl running on a particular machine but not quite sure which user is running it.
i have tried ps -ef | grep -i blt.pl but obviously it's not finding it.
Is there a way for me to get the pid of blt.pl process?
ealeon
Posted 2014-03-11T14:11:32.953
Reputation: 119
1
You really should say what your OS is; your OS determines (to a large extent) your toolset.
That said, most UNIXish things have pgrep. You can run that.
If you're on MacOS X or anything else BSDish, ps -ef is not what you want. Try: ps -auwwx | grep bit.pl.
You can do a slight variation of this on Linux: ps auwwx | grep bit.pl notice the lack of the dash in the Linux version of the command.
As others have said, this should pick up your process. If you can't see it, how are you sure that it's running? Is it writing to a file? If so, a tool like lsof or fuser may help. Maybe even running lsof and grep'ping for bit.pl may help.
You're basically saying "my faith that this code is running and didn't die when I wasn't paying attention is stronger than my faith in ps"
The only other thing I can think of is if your computer is "owned" - you have a kernel module hiding this particular code for some reason. If that's the case (possible, but unlikely it would bother with a perl script) your entire system is now questioned.
Rich Homolka
Posted 2014-03-11T14:11:32.953
Reputation: 27 121
2
What OS is it? AFAIK if the process is running when you did 'ps -ef | grep -i blt.pl' it should show up. What kind of process it is? Is it a very short lived process? If so, you can monitor with some scripts.
Or May be the script blt.pl is starting some other program/script and exits. If you know what the script is doing, probably you can try to find that process.
Chandrasekar
Posted 2014-03-11T14:11:32.953
Reputation: 221
FWIW, OS X supports both the SYSV syntax (-ef) and BSD (auxwww). – Alan Shutko – 2014-03-11T14:42:13.200
@AlanShutko Thanks... was not aware. Is this in the default ps or in some GNU ps? – Rich Homolka – 2014-03-11T14:57:37.903
It's in the default BSD ps. I can't remember offhand when BSD started supporting sysv switches in ps, but I'm pretty sure it was a long, long time ago. It differentiates by the presence of the dash at the beginning: dash means sysv, no dash means bsd options. Interestingly, the man page on OSX does not mention the sysv syntax, and puts dashes before the options, which does not actually work to allow BSD syntax. The man page does note that the command is compliant with Single Unix Specification v3, which is sysv-like. – Alan Shutko – 2014-03-11T15:26:38.867