Wednesday 1 February 2017

Using fatrace to monitor calls to specific directories / files on CentOS 7

Currently fatrace is not available within the EPEL repo's for CentOS 7 - so we must instead download the Fedora COPR repo:

cd /tmp

curl > /etc/yum.repos.d/ifas.repo

yum install fatrace

and then to monitor the current mount for open handles we can issue:

sudo fatrace -f O -c

The '-f' parameter specifies that we wish to monitor open handles - available handles are as follows:

C = Create file
R = Read file
O = Open file
W = Write to file


