diff --git a/README.md b/README.md index a4a10a5..ffa3a7d 100644 --- a/README.md +++ b/README.md @@ -139,7 +139,7 @@ time find / -fstype ext4 -type f -uid 0 -exec dd if='{}' of=/dev/null count=0 st ## Syscall logging with auditd auditd is able to log every single syscall of a process. -1. `autrace [-r] path/to/executable -with -args` +1. `autrace [-r] /path/to/executable -with -args` 2. When the executable is finished, it returns a pid number 3. `ausearch -i -p > /path/to/auditlog` saves then the complete audit log to a file. 4. find all accessed files with
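Review bot: The changed step 1 line switches `path/to/executable` to `/path/to/executable` without saying why, so a reader cannot tell whether the absolute path is a requirement or just a style choice; if the intent is that autrace must be given the full path to the binary, say so in a few words in step 1. While touching this list, the unchanged step 3 context line reads `ausearch -i -p > /path/to/auditlog`, with no value after `-p` as shown here. Step 2 says autrace reports a pid, so step 3 should carry an explicit placeholder for it, for example `ausearch -i -p PID > /path/to/auditlog`, with a note that PID is the number from step 2. Step 3's wording "saves then the complete audit log" could also be tidied to "then saves the complete audit log" in the same pass.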