Besides using esf, are there any other ways to perceive process start events in real time? Libbsm is currently disabled by default
how to get process exec event
To what end?
Most folks who ask questions like this are trying to do some sort of security product, in which case Endpoint Security is the right option. So I’m curious what you plan to do with this information if you’re not a security product.
Share and Enjoy
—
Quinn “The Eskimo!” @ Developer Technical Support @ Apple
let myEmail = "eskimo" + "1" + "@" + "apple.com"