https://github.com/asphaltt/syscalldist

A bcc-like tool to analyze syscall's histogram. Apache License 2.0
https://github.com/asphaltt/syscalldist

ebpf linux-syscall sycalldist

Last synced: 20 days ago
JSON representation

A bcc-like tool to analyze syscall's histogram. Apache License 2.0

• Host: GitHub
• URL: https://github.com/asphaltt/syscalldist
• Owner: Asphaltt
• License: apache-2.0
• Created: 2022-09-08T15:03:52.000Z (over 2 years ago)
• Default Branch: main
• Last Pushed: 2023-03-01T14:31:00.000Z (almost 2 years ago)
• Last Synced: 2024-11-13T18:45:31.348Z (3 months ago)
• Topics: ebpf, linux-syscall, sycalldist
• Language: C
• Homepage:
• Size: 669 KB
• Stars: 1
• Watchers: 2
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

        
# syscalldist

**syscalldist** is the tool to profile syscalls.

## Build and run

```bash

# git clone https://github.com/Asphaltt/syscalldist.git

# cd syscalldist

# go generate && go build

# ./syscalldist -h

Usage of ./syscalldist:

      --kernel-btf string     kernel BTF file

  -l, --list-syscall          list syscalls of amd64 Linux used by Go syscall

      --pid uint32            filter pid

      --syscall uint32        filter syscall id

      --syscall-name string   filter syscall name

pflag: help requested

#  ./syscalldist

2023/03/01 14:12:19 Attached raw_tracepoint(sys_enter)

2023/03/01 14:12:19 Attached raw_tracepoint(sys_exit)

2023/03/01 14:12:19 Hit Ctrl-C to end.

^C

Histogram for syscall(0/read) (sum 1):

     usecs               : count         distribution

         0 -> 1          : 0             |                                        |

         2 -> 3          : 0             |                                        |

         4 -> 7          : 0             |                                        |

         8 -> 15         : 1             |****************************************|

Histogram for syscall(1/write) (sum 2):

     usecs               : count         distribution

         0 -> 1          : 0             |                                        |

         2 -> 3          : 0             |                                        |

         4 -> 7          : 2             |****************************************|

Histogram for syscall(9/mmap) (sum 1):

     usecs               : count         distribution

         0 -> 1          : 0             |                                        |

         2 -> 3          : 0             |                                        |

         4 -> 7          : 1             |****************************************|

```

## Raw tracepoints

`syscalldist` runs on raw tracepoints `sys_enter` and `sys_exit`.

## License

Apache-2.0 license