Sysdig: system troubleshooting tool - linux - newfreesoft.com

Home

PC Games

Linux

Windows

Database

Network

Programming

Server

Mobile


	Home \ Linux \ Sysdig: system troubleshooting tool			- Oracle 11g tracking and monitoring system-level triggers to drop misuse (Database) - Use libpq under Ubuntu 14.04 (Linux) - Ubuntu 14.10 splash screen brightness settings (Linux) - Linux 6 install Oracle 11g (64bit) (Database) - Ubuntu 12.04 commonly use shortcuts finishing Share (Linux) - Customize the output format in Linux history (Linux) - Qt for file splitting and fusion gadgets (Programming) - Comparison of C # and Java (Programming) - Teach you how to protect the security of Linux desktop (Linux) - CentOS cross compiler core Raspberry Pi 2 (Linux) - Python control multi-process and multi-threaded concurrency (Programming) - Oracle Data Guard LOG_ARCHIVE_DEST_n optional attribute parameters (Database) - How to fix apt-get update can not add a new CD-ROM error (Linux) - Linux installed PCRE (Linux) - MySQL stored procedures execute dynamic sql statement (Database) - Linux gprof oprofiling and performance testing tools (Linux) - Java string equal size comparison (Programming) - UUID in Java (Programming) - stat Usage: Get permission to file the corresponding figures (Linux) - How to compare PDF files on Ubuntu (Linux)

	Sysdig: system troubleshooting tool
	Add Date : 2017-04-13



	Sysdig listening at the operating system level, and the system calls and system events and other activities capture system down, which makes it look very much like the system-oriented tcpdump or Wireshark. If you intend to abnormal system failure investigation, it will be your problem Sysdig handy weapon. On Linux, can be installed Sysdig use the following command: curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig \| sudo bash This will Sysdig installed rpm or deb-based Linux systems. Capture system activity Real-time capture, print the results to the standard output: sysdig Save the results to a file capture system.scap, to facilitate later analysis: sysdig -w system.scap Specifies the number of events captured 200 and saved to the file: sysdig -n 200 -w system.scap Reads the captured file: sysdig -r system.scap Capture the interpretation of results (1) (2) (3) (4) (5) (6) (7) (8) 1 10: 54: 50.462463956 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 2 10: 54: 50.462603110 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 3 10: 54: 50.462729565 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 4 10: 54: 50.462859521 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 5 10: 54: 50.463206317 0 sysdig (29043)> switch next = 0 pgft_maj = 0 pgft_min = 1790 vm_size = 35748 vm_rss = 7164 vm_swap = 0 6 10: 54: 50.464246835 0 < NA> (0)> switch next = 7 pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 7 10: 54: 50.464249707 2 < NA> (0)> switch next = 8374 pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 8 10: 54: 50.464255940 0 < NA> (7)> switch next = 0 pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 9 10: 54: 50.464264256 2 < NA> (8374)> switch next = 0 pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 10 10: 54: 50.464358113 2 < NA> (0)> switch next = 854 (mlnet) pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 11 10: 54: 50.464370099 2 mlnet (854) < poll res = 0 fds = 12 10: 54: 50.464378193 2 mlnet (854)> poll fds = timeout = 5 13 10: 54: 50.464385400 2 mlnet (854)> switch next = 0 pgft_maj = 216 pgft_min = 3386 vm_size = 162608 vm_rss = 12196 vm_swap = 2716 14 10: 54: 50.464950541 0 < NA> (0)> switch next = 1105 (memcached) pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 15 10: 54: 50.464954692 0 memcached (1105) < epoll_wait res = 0 16 10: 54: 50.464976007 0 memcached (1105)> epoll_wait maxevents = 32 17 10: 54: 50.464984030 0 memcached (1105)> switch next = 0 pgft_maj = 3 pgft_min = 247 vm_size = 327412 vm_rss = 1860 vm_swap = 468 18 10: 54: 50.465256687 2 < NA> (0)> switch next = 2181 (plugin-containe) pgft_maj = 0 pgft_min = 0 vm_size = 0 vm_rss = 0 vm_swap = 0 19 10: 54: 50.465261465 2 plugin-containe (2181) < poll res = 0 fds = 20 10: 54: 50.465297692 2 plugin-containe (2181)> getrlimit resource = 3 (RLIMIT_STACK) The results captured by Sysdig As indicated above, the meaning of each column are as follows: Event number Timestamp CPU ID Process Name Thread ID Event direction> to enter the event, < an exit event Types of events, such as open, read, etc. Event parameter list Capture Filter Results By default, Sysdig captured information is very much in our interest to find the information from, which requires grep-like filtering. Filter by category field: sysdig -r system.scap proc.name = sysdig This command system to filter out the process called sysdig events, the result is: 1 10: 54: 50.462463956 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 2 10: 54: 50.462603110 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 3 10: 54: 50.462729565 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 4 10: 54: 50.462859521 0 sysdig (29043)> sysdigevent event_type = 1 event_data = 0 5 10: 54: 50.463206317 0 sysdig (29043)> switch next = 0 pgft_maj = 0 pgft_min = 1790 vm_size = 35748 vm_rss = 7164 vm_swap = 0 Sysdig offer include fd, process, evt, user, group, syslog fields such as category, can be found by sysdig -l. In addition to = outside, Sysdig filter expression also supports the! =, < , < =,>,> =, And contains other more operators. Also, you can use and, or, not, etc. Boolean operators. E.g: sysdig -r system.scap proc.name = sysdig and evt.type = switch Chisels In Sysdig in, chisels Lua script is written, can be used to extend Sysdig filtering. For example, we want to see the most frequently read and write disk files process, you can use this topprocs_file chisels: sysdig -c topprocs_file Results: Bytes Process ------------------------------ 448.36KB mozStorage 220.38KB perl 1.69KB tmux 1.62KB sh 1.59KB Xorg 1.30KB urxvtd More chisels, by sysdig -cl understanding. Of course, if you are familiar with Lua, you can also write your own chisels.



	More:
	- Easily create RPM packages using the FPM (Linux) - A list of the basics of Python, Ganso, Dictionary (Programming) - CentOS 6.5 installation and configuration Cobbler (Server) - No password on Oracle and MySQL login (Database) - tar command to extract a file error: stdin has more than one entry (Linux) - Linux Kernel 4.2.2 compiler installation tutorial (Linux) - Hadoop connection failed or stuck processing (Server) - Findbugs installation documentation (Linux) - Linux / CentOS 7.0 installation and configuration under Tomcat 8.0 (Server) - What have we learn from the front-end application Nodejs (Programming) - Using Python and OpenCV detecting image barcode (Programming) - Install Ubuntu Software Center App Grid (Linux) - OpenSSL Introduction and compilation steps on Windows, Linux, Mac systems (Linux) - How to remove the files inside the privacy of data on Linux (Linux) - Linux operation and maintenance engineers face questions Intermediate (Linux) - C # dynamic class notes --- (Dynamic) Applications (Programming) - Linux Network Statistics Tools / Command (Linux) - Google open source TCP team repaired the Linux kernel TCP flaw (Linux) - JVM garbage collector and memory allocation strategy (Programming) - Oracle 11g manually create a database (Database)


	CopyRight 2002-2022 newfreesoft.com, All Rights Reserved.