snippetbashTip
bpftrace — High-level tracing language for Linux eBPF. More information: <https://github.com/bpftrace/bpftrace/
Viewed 0 times
commandlanguagelevelclihighforbpftracetracing
linux
Problem
How to use the
bpftrace command: High-level tracing language for Linux eBPF. More information: <https://github.com/bpftrace/bpftrace/blob/master/man/adoc/bpftrace.adoc>.Solution
bpftrace — High-level tracing language for Linux eBPF. More information: <https://github.com/bpftrace/bpftrace/blob/master/man/adoc/bpftrace.adoc>.List all available probes:
sudo bpftrace -lRun a one-liner program (e.g. syscall count by program):
sudo bpftrace -e '{{tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }}}'Run a program from a file:
sudo bpftrace {{path/to/file}}Trace a program by PID:
sudo bpftrace -e '{{tracepoint:raw_syscalls:sys_enter /pid == 123/ { @[comm] = count(); }}}'Do a dry run and display the output in eBPF format:
sudo bpftrace -d -e '{{one_line_program}}'Display version:
bpftrace {{[-V|--version]}}Code Snippets
List all available probes
sudo bpftrace -lRun a one-liner program (e.g. syscall count by program)
sudo bpftrace -e '{{tracepoint:raw_syscalls:sys_enter { @[comm] = count(); }}}'Run a program from a file
sudo bpftrace {{path/to/file}}Trace a program by PID
sudo bpftrace -e '{{tracepoint:raw_syscalls:sys_enter /pid == 123/ { @[comm] = count(); }}}'Do a dry run and display the output in eBPF format
sudo bpftrace -d -e '{{one_line_program}}'Context
tldr-pages: linux/bpftrace
Revisions (0)
No revisions yet.