diff options
Diffstat (limited to 'lket.5.in')
| -rw-r--r-- | lket.5.in | 38 |
1 files changed, 25 insertions, 13 deletions
@@ -29,7 +29,7 @@ user. Once the data has been collected, it is then post-processed according to the need of the user. Trace data can be processed in various different ways to generate simple to complex reports. -.SH TRACE DATA FORMAT +.SH BINARY TRACING By default, LKET will log the trace data in binary format. @@ -46,6 +46,7 @@ generated by LKET into readable data in ascii format. uses the pre-cpu binary trace data files(stpd_cpu*) as inputs, and generates an output file named .IR lket.out . +or dump the trace data into MySQL database. See .IR lket-b2a (1) manual page for more detail. @@ -55,14 +56,25 @@ If you want LKET to log trace data in ASCII format directly, you should: stap \-D ASCII_TRACE ... .ESAMPLE +.B *Notes* +that in order to make +.I LKET +able to work in binary tracing mode, all strings logged by +.I LKET +should be NULL-terminated, which means you have +to use "%0s" instead of "%s" for both user appended extra printing statements +and _lket_trace() which is called in +.I LKET +tapsets. + .SH EVENT REGISTER LKET provides a way to log the metadata of the trace data by events registering. -Two function is provided: +Two functions is provided: .P .IP -.SB register_sys_event(event_desc:string, grpid:long, hookid:long, fmt:string, names:string) +.SB void _register_sys_event (char *event_desc, int grpid, int hookid, char *fmt, char *field_name) .IP .SB register_user_event(grpid:long, hookid:long, fmt:string, names:string) .P @@ -94,30 +106,30 @@ The names contains in should match the format tokens contains in .I fmt -.B register_sys_event -is used to register the newly added event hooks. For example, supposing you +.B _register_sys_event is a c function which is used to register the newly +added trace hooks in LKET tapsets. For example, supposing you want to add a new event hook to trace the entry of sys_open, and you want this event hook to log the fd, flag and mode paremeters for you. You should add: .SAMPLE -register_sys_event("iosyscall.open.entry", - GROUP_IOSYSCALL, HOOKID_IOSYSCALL_OPEN_ENTRY, - "STRING:INT32:INT32", "filename:flags:mode") +_register_sys_event("iosyscall.open.entry", + _GROUP_IOSYSCALL, + _HOOKID_IOSYSCALL_OPEN_ENTRY, + "STRING:INT32:INT32", + "filename:flags:mode"); .ESAMPLE into the function .B register_sys_events in LKET/register_event.stp - .B register_user_event -is used for user to add extra trace data for a event hook. See -the section +is a SystemTap script function which is used for user to add extra trace data +for a event hook. See the section .B CUSTOMIZED TRACE DATA for more detail - .SH CUSTOMIZED TRACE DATA LKET provides a set of event hooks that log the predefined @@ -173,7 +185,7 @@ to convert these binary trace data files into readable ascii format or dump them .IR lket-b2a (1) man page for more detail. -.SH EVENT HOOKS +.SH EVENT HOOKS AND TRACE DATA FORMAT The following sections enumerate the variety of event hooks implemented in LKET and their trace data format. The trace data generated by different |