opensnoop: -d option for duration
diff --git a/tools/opensnoop.py b/tools/opensnoop.py
index 112c56a..cbe8df5 100755
--- a/tools/opensnoop.py
+++ b/tools/opensnoop.py
@@ -4,7 +4,7 @@
# opensnoop Trace open() syscalls.
# For Linux, uses BCC, eBPF. Embedded C.
#
-# USAGE: opensnoop [-h] [-T] [-x] [-p PID] [-t TID] [-n NAME]
+# USAGE: opensnoop [-h] [-T] [-x] [-p PID] [-d DURATION] [-t TID] [-n NAME]
#
# Copyright (c) 2015 Brendan Gregg.
# Licensed under the Apache License, Version 2.0 (the "License")
@@ -17,6 +17,7 @@
from bcc import BPF
import argparse
import ctypes as ct
+from datetime import datetime, timedelta
# arguments
examples = """examples:
@@ -25,6 +26,7 @@
./opensnoop -x # only show failed opens
./opensnoop -p 181 # only trace PID 181
./opensnoop -t 123 # only trace TID 123
+ ./opensnoop -d 10 # trace for 10 seconds only
./opensnoop -n main # only print process names containing "main"
"""
parser = argparse.ArgumentParser(
@@ -39,10 +41,14 @@
help="trace this PID only")
parser.add_argument("-t", "--tid",
help="trace this TID only")
+parser.add_argument("-d", "--duration",
+ help="total duration of trace in seconds")
parser.add_argument("-n", "--name",
help="only print process names containing this name")
args = parser.parse_args()
debug = 0
+if args.duration:
+ args.duration = timedelta(seconds=int(args.duration))
# define BPF program
bpf_text = """
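Review bot: `-d` is accepted as a free-form string and only converted by `int(args.duration)` after `parse_args()`, so a non-numeric value ends in an uncaught ValueError traceback instead of an argparse usage error. `-d 0` becomes `timedelta(0)`, which is falsy, so the loop's `not args.duration` test runs the trace with no limit at all. A negative value gives a negative timedelta and the loop exits before the first poll. Declaring the option with `type=int`, rejecting values below 1 via `parser.error("duration must be a positive integer")`, and testing `args.duration is not None` in the loop would make all three cases explicit.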
@@ -179,5 +185,6 @@
# loop with callback to print_event
b["events"].open_perf_buffer(print_event, page_cnt=64)
-while 1:
+start_time = datetime.now()
+while not args.duration or datetime.now() - start_time < args.duration:
b.kprobe_poll()
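Review bot: The deadline in the new `while` condition is checked only between calls to `b.kprobe_poll()`, which is called without a timeout and so presumably blocks until an event arrives. With a `-p` or `-t` filter on a quiet target, the trace can therefore run well past the requested `-d`. Passing a bounded timeout, e.g. `b.kprobe_poll(timeout=1000)` (units to be confirmed against the BCC version in use), keeps the check running. Separately, `datetime.now()` is wall-clock time, so a clock step during the trace shortens or lengthens the window; a monotonic source such as `time.monotonic()`, where the supported Python versions provide it, avoids that.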
diff --git a/tools/opensnoop_example.txt b/tools/opensnoop_example.txt
index fc92001..1d00f12 100644
--- a/tools/opensnoop_example.txt
+++ b/tools/opensnoop_example.txt
@@ -89,6 +89,18 @@
file or directory.
+A maximum tracing duration can be set with the -d option. For example, to trace
+for 2 seconds:
+
+# ./opensnoop -d 2
+PID COMM FD ERR PATH
+2191 indicator-multi 11 0 /sys/block
+2191 indicator-multi 11 0 /sys/block
+2191 indicator-multi 11 0 /sys/block
+2191 indicator-multi 11 0 /sys/block
+2191 indicator-multi 11 0 /sys/block
+
+
The -n option can be used to filter on process name using partial matches:
# ./opensnoop -n ed
@@ -123,7 +135,7 @@
USAGE message:
# ./opensnoop -h
-usage: opensnoop [-h] [-T] [-x] [-p PID] [-t TID] [-n NAME]
+usage: opensnoop [-h] [-T] [-x] [-p PID] [-t TID] [-d DURATION] [-n NAME]
Trace open() syscalls
@@ -133,6 +145,8 @@
-x, --failed only show failed opens
-p PID, --pid PID trace this PID only
-t TID, --tid TID trace this TID only
+ -d DURATION, --duration DURATION
+ total duration of trace in seconds
-n NAME, --name NAME only print process names containing this name
examples:
@@ -141,4 +155,5 @@
./opensnoop -x # only show failed opens
./opensnoop -p 181 # only trace PID 181
./opensnoop -t 123 # only trace TID 123
+ ./opensnoop -d 10 # trace for 10 seconds only
./opensnoop -n main # only print process names containing "main"