ex class will monitor exec and execve system calls and audit those.
Be careful if your apps are running as root (which they should not), since auditing every root exec or execve call will generate alot of logs.
Other then that argv will also audit everything that is passed to program as an argument.
Sounds reasonable if that is what you want to audit and it is ran by user not root.
Of course, test it, don't deploy auditing on production system before careful testing on test systems. Experiment with various classes to achive the needed results, then go forward.
If deployed wrong, it can halt your system if, for instance, there is no space left for audit logs (if configured like that).
Handle with care