Monitoring Reads and Writes to a File

Monitoring Reads and Writes to a File script examples monitoring reads and writes to a file examples of SystemTap scripts monitoring reads and writes to a file monitoring reads and writes to a file examples of SystemTap scripts file reads/writes, monitoring examples of SystemTap scripts reads/writes to a file, monitoring examples of SystemTap scripts writes/reads to a file, monitoring examples of SystemTap scripts WAR STORY: monitoring inode activity http://sourceware.org/systemtap/wiki/WSFileMonitor?highlight=((WarStories)) no script in examples This section describes how to monitor reads from and writes to a file in real time. inodewatch-simple.stp need to add references to sources/man pages that explain how "dev_nr = $file->f_dentry->d_inode->i_sb->s_dev" and "($1 << 20 | $2)". takes the following information about the file as arguments on the command line: script examples file device number (integer format) examples of SystemTap scripts file device number (integer format) file device number (integer format) examples of SystemTap scripts device number of a file (integer format) examples of SystemTap scripts The file's major device number. The file's minor device number. The file's inode number. script examples stat -c, determining file device number (integer format) examples of SystemTap scripts stat -c, determining file device number (integer format) stat -c, determining file device number (integer format) examples of SystemTap scripts To get this information, use stat -c '%D %i' filename, where filename is an absolute path. For instance: if you wish to monitor /etc/crontab, run stat -c '%D %i' /etc/crontab first. This gives the following output: 805 1078319 script examples inode number examples of SystemTap scripts inode number inode number examples of SystemTap scripts 805 is the base-16 (hexadecimal) device number. The lower two digits are the minor device number and the upper digits are the major number. 1078319 is the inode number. To start monitoring /etc/crontab, run stap inodewatch.stp 0x8 0x05 1078319 (The 0x prefixes indicate base-16 values. The output of this command contains the name and ID of any process performing a read/write, the function it is performing (i.e. vfs_read or vfs_write), the device number (in hex format), and the inode number. contains the output of stap inodewatch.stp 0x8 0x05 1078319 (when cat /etc/crontab is executed while the script is running) : <xref linkend="inodewatch"/> Sample Output cat(16437) vfs_read 0x800005/1078319 cat(16437) vfs_read 0x800005/1078319