On Tuesday, November 09, 2010 08:25:07 am ESGLinux wrote:There are 2 other possibilities and that is that it terminates abnormally or that it
> it´s like anybody outside the process gives a kill to it.
You should be able to get something. You would probably just need the "kill", "exit",
> My question is with audit rules I can get any information about what is
> happening with this process.
> something like this:
> -a entry,always -F pid=32179 -S all -k TOMCAT_JAVA
> (pid=32179 is the pid of the process)
and "exit_group" syscalls.