BCC - Ngwa nchụso dị egwu maka nlekota arụmọrụ Linux, ịkparịta ụka n'Ịntanet na ndị ọzọ
BCC (BPF Compiler Collection) bụ ngwa ọrụ dị ike na faịlụ ihe atụ maka ịmepụta mmemme nchọta kernel bara uru. Ọ na-eji BPF gbatịrị agbatị (Berkeley Packet Filters), nke a maara na mbụ dị ka eBPF nke bụ otu n'ime njirimara ọhụrụ na Linux 3.15.
N'ezie, ọtụtụ n'ime ihe ndị BCC na-eji chọrọ Linux 4.1 ma ọ bụ n'elu, yana njiri mara ya gụnyere:
- Achọghị modul kernel otu nke atọ, ebe ọ bụ na ngwaọrụ niile na-arụ ọrụ dabere na BPF nke arụnyere n'ime kernel na BCC na-eji atụmatụ agbakwunyere na usoro Linux 4.x.
- Na-eme ka nlele nke ngwanro arụrụ ọrụ.
- Gụnyere ọtụtụ ngwaọrụ nyocha arụmọrụ nwere faịlụ ihe atụ na ibe mmadụ.
Kachasị mma maka ndị ọrụ Linux dị elu, BCC na-eme ka ọ dị mfe ide mmemme BPF site na iji kernel instrumentation na C, na n'ihu na Python na lua. Na mgbakwunye, ọ na-akwado ọtụtụ ọrụ dị ka nyocha arụmọrụ, nleba anya, njikwa okporo ụzọ netwọkụ yana ọtụtụ ndị ọzọ.
Otu esi etinye BCC na Linux Systems
Cheta na BCC na-eji atụmatụ agbakwunyere na ụdị Linux kernel 4.1 ma ọ bụ karịa, yana dịka ihe achọrọ, ekwesịrị iji ọkọlọtọ chịkọta kernel n'okpuru:
CONFIG_BPF=y CONFIG_BPF_SYSCALL=y # [optional, for tc filters] CONFIG_NET_CLS_BPF=m # [optional, for tc actions] CONFIG_NET_ACT_BPF=m CONFIG_BPF_JIT=y CONFIG_HAVE_BPF_JIT=y # [optional, for kprobes] CONFIG_BPF_EVENTS=y
Iji lelee ọkọlọtọ kernel gị, lelee faịlụ /proc/config.gz ma ọ bụ mee iwu dị ka ọmụmaatụ n'okpuru:
[email ~ $ grep CONFIG_BPF= /boot/config-`uname -r` CONFIG_BPF=y [email ~ $ grep CONFIG_BPF_SYSCALL= /boot/config-`uname -r` CONFIG_BPF_SYSCALL=y [email ~ $ grep CONFIG_NET_CLS_BPF= /boot/config-`uname -r` CONFIG_NET_CLS_BPF=m [email ~ $ grep CONFIG_NET_ACT_BPF= /boot/config-`uname -r` CONFIG_NET_ACT_BPF=m [email ~ $ grep CONFIG_BPF_JIT= /boot/config-`uname -r` CONFIG_BPF_JIT=y [email ~ $ grep CONFIG_HAVE_BPF_JIT= /boot/config-`uname -r` CONFIG_HAVE_BPF_JIT=y [email ~ $ grep CONFIG_BPF_EVENTS= /boot/config-`uname -r` CONFIG_BPF_EVENTS=y
Mgbe enyochachara ọkọlọtọ kernel, oge erugo ịwụnye ngwaọrụ BCC na sistemụ Linux.
Naanị ngwugwu abalị ka emepụtara maka Ubuntu 16.04, mana ntuziaka nrụnye kwụ ọtọ. Enweghị mkpa nkwalite kernel ma ọ bụ chịkọta ya site na isi mmalite.
$ echo "deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main" | sudo tee /etc/apt/sources.list.d/iovisor.list $ sudo apt-get update $ sudo apt-get install bcc-tools
Malite site na ịwụnye kernel Linux 4.3+, site na http://kernel.ubuntu.com/~kernel-ppa/mainline.
Dịka ọmụmaatụ, dee obere edemede shei bcc-install.sh yana ọdịnaya dị n'okpuru.
Mara: melite uru PREFIX ka ọ bụrụ ụbọchị kachasị ọhụrụ, wee chọgharịa faịlụ ndị dị na PREFIX url enyere iji nweta uru REL n'ezie, dochie ha na edemede shei.
#!/bin/bash
VER=4.5.1-040501
PREFIX=http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.5.1-wily/
REL=201604121331
wget ${PREFIX}/linux-headers-${VER}-generic_${VER}.${REL}_amd64.deb
wget ${PREFIX}/linux-headers-${VER}_${VER}.${REL}_all.deb
wget ${PREFIX}/linux-image-${VER}-generic_${VER}.${REL}_amd64.deb
sudo dpkg -i linux-*${VER}.${REL}*.deb
Chekwaa faịlụ wee pụọ. Mee ka ọ rụọ ọrụ, wee mee ya dị ka egosiri:
$ chmod +x bcc-install.sh $ sh bcc-install.sh
Mgbe ahụ, malitegharịa usoro gị.
$ reboot
Na-esote, gbasoo iwu dị n'okpuru ka ịwụnye ngwugwu BCC bịanyere aka na ya:
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys D4284CDD $ echo "deb https://repo.iovisor.org/apt trusty main" | sudo tee /etc/apt/sources.list.d/iovisor.list $ sudo apt-get update $ sudo apt-get install binutils bcc bcc-tools libbcc-examples python-bcc
Wụnye kernel 4.2+ site na http://alt.fedoraproject.org/pub/alt/rawhide-kernel-nodebug, ma ọ bụrụ na sistemụ gị nwere ụdị dị ala karịa ihe achọrọ. N'okpuru bụ ọmụmaatụ otu esi eme nke ahụ:
$ sudo dnf config-manager --add-repo=http://alt.fedoraproject.org/pub/alt/rawhide-kernel-nodebug/fedora-rawhide-kernel-nodebug.repo $ sudo dnf update $ reboot
Mgbe nke ahụ gasịrị, gbakwunye ebe nchekwa ngwaọrụ BBC, melite sistemụ gị wee wụnye ngwaọrụ site na ịme usoro iwu na-esote:
$ echo -e '[iovisor]\nbaseurl=https://repo.iovisor.org/yum/nightly/f23/$basearch\nenabled=1\ngpgcheck=0' | sudo tee /etc/yum.repos.d/iovisor.repo $ sudo dnf update $ sudo dnf install bcc-tools
Ị ga-amalite site na ịkwalite kernel gị ka ọ dịkarịa ala ụdị 4.3.1-1, mechaa tinye ngwugwu ndị dị n'okpuru site na iji njikwa ngwugwu Arch ọ bụla dị ka pacaur, yaourt, cower, wdg.
bcc bcc-tools python-bcc python2-bcc
Otu esi eji Ngwa BCC na Sistemụ Linux
Awụnyere ngwa BCC niile n'okpuru /usr/share/bcc/ngwaọrụ ndekọ. Agbanyeghị, ịnwere ike ịmegharị ha ọzọ site na ebe nchekwa BCC Github n'okpuru /ngwaọrụ ebe ha ji ndọtị .py mechie.
$ ls /usr/share/bcc/tools argdist capable filetop offwaketime stackcount vfscount bashreadline cpudist funccount old stacksnoop vfsstat biolatency dcsnoop funclatency oomkill statsnoop wakeuptime biosnoop dcstat gethostlatency opensnoop syncsnoop xfsdist biotop doc hardirqs pidpersec tcpaccept xfsslower bitesize execsnoop killsnoop profile tcpconnect zfsdist btrfsdist ext4dist mdflush runqlat tcpconnlat zfsslower btrfsslower ext4slower memleak softirqs tcpretrans cachestat filelife mysqld_qslower solisten tplist cachetop fileslower offcputime sslsniff trace
Anyị ga-ekpuchi ihe atụ ole na ole n'okpuru - nlekota oru sistemu Linux izugbe na ịkparịta ụka n'Ịntanet.
Ka anyị bido site na iji opensnoop chọta oghe() syscals niile. Nke a na-enyere anyị aka ịgwa anyị ka ngwa dị iche iche si arụ ọrụ site na ịchọpụta faịlụ data ha, nhazi faịlụ na ọtụtụ ndị ọzọ:
$ cd /usr/share/bcc/tools $ sudo ./opensnoop PID COMM FD ERR PATH 1 systemd 35 0 /proc/self/mountinfo 2797 udisksd 13 0 /proc/self/mountinfo 1 systemd 35 0 /sys/devices/pci0000:00/0000:00:0d.0/ata3/host2/target2:0:0/2:0:0:0/block/sda/sda1/uevent 1 systemd 35 0 /run/udev/data/b8:1 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount 2247 systemd 15 0 /proc/self/mountinfo 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /usr/local/lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /usr/lib/systemd/system/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount.wants 1 systemd -1 2 /run/systemd/generator.late/sys-kernel-debug-tracing.mount.requires 1 systemd -1 2 /etc/systemd/system/sys-kernel-debug-tracing.mount.d 1 systemd -1 2 /run/systemd/system/sys-kernel-debug-tracing.mount.d 1 systemd -1 2 /run/systemd/generator/sys-kernel-debug-tracing.mount.d ....
Na ọmụmaatụ a, ọ na-egosi nchịkọta nkesa diski I/O latency site na iji biolatecency. Mgbe ịmechara iwu ahụ, chere nkeji ole na ole wee kụọ Ctrl-C iji kwụsị ya wee lelee mmepụta.
$ sudo ./biolatecncy
Tracing block device I/O... Hit Ctrl-C to end.
^C
usecs : count distribution
0 -> 1 : 0 | |
2 -> 3 : 0 | |
4 -> 7 : 0 | |
8 -> 15 : 0 | |
16 -> 31 : 0 | |
32 -> 63 : 0 | |
64 -> 127 : 0 | |
128 -> 255 : 3 |****************************************|
256 -> 511 : 3 |****************************************|
512 -> 1023 : 1 |************* |
N'akụkụ a, anyị ga-aga n'ihu na-achọpụta usoro ọhụrụ na mmezu site na iji ngwa execsnoop. Mgbe ọ bụla a na-eji ndụdụ() na exec() syscals dagharịa, a na-egosi ya na mmepụta. Agbanyeghị, ọ bụghị usoro niile ka ejidere.
$ sudo ./execsnoop PCOMM PID PPID RET ARGS gnome-screensho 14882 14881 0 /usr/bin/gnome-screenshot --gapplication-service systemd-hostnam 14892 1 0 /lib/systemd/systemd-hostnamed nautilus 14897 2767 -2 /home/tecmint/bin/net usershare info nautilus 14897 2767 -2 /home/tecmint/.local/bin/net usershare info nautilus 14897 2767 -2 /usr/local/sbin/net usershare info nautilus 14897 2767 -2 /usr/local/bin/net usershare info nautilus 14897 2767 -2 /usr/sbin/net usershare info nautilus 14897 2767 -2 /usr/bin/net usershare info nautilus 14897 2767 -2 /sbin/net usershare info nautilus 14897 2767 -2 /bin/net usershare info nautilus 14897 2767 -2 /usr/games/net usershare info nautilus 14897 2767 -2 /usr/local/games/net usershare info nautilus 14897 2767 -2 /snap/bin/net usershare info compiz 14899 14898 -2 /home/tecmint/bin/libreoffice --calc compiz 14899 14898 -2 /home/tecmint/.local/bin/libreoffice --calc compiz 14899 14898 -2 /usr/local/sbin/libreoffice --calc compiz 14899 14898 -2 /usr/local/bin/libreoffice --calc compiz 14899 14898 -2 /usr/sbin/libreoffice --calc libreoffice 14899 2252 0 /usr/bin/libreoffice --calc dirname 14902 14899 0 /usr/bin/dirname /usr/bin/libreoffice basename 14903 14899 0 /usr/bin/basename /usr/bin/libreoffice ...
Iji ext4slower chọpụta usoro faịlụ ext4 na-arụkarị ọrụ nke na-eji nwayọọ karịa 10ms, iji nyere anyị aka ịchọpụta diski I/O nke nwere onwe ya site na sistemụ faịlụ.
Ọ na-ewepụta naanị ọrụ ndị gafere oke:
$ sudo ./execslower Tracing ext4 operations slower than 10 ms TIME COMM PID T BYTES OFF_KB LAT(ms) FILENAME 11:59:13 upstart 2252 W 48 1 10.76 dbus.log 11:59:13 gnome-screensh 14993 R 144 0 10.96 settings.ini 11:59:13 gnome-screensh 14993 R 28 0 16.02 gtk.css 11:59:13 gnome-screensh 14993 R 3389 0 18.32 gtk-main.css 11:59:25 rs:main Q:Reg 1826 W 156 60 31.85 syslog 11:59:25 pool 15002 R 208 0 14.98 .xsession-errors 11:59:25 pool 15002 R 644 0 12.28 .ICEauthority 11:59:25 pool 15002 R 220 0 13.38 .bash_logout 11:59:27 dconf-service 2599 S 0 0 22.75 user.BHDKOY 11:59:33 compiz 2548 R 4096 0 19.03 firefox.desktop 11:59:34 compiz 15008 R 128 0 27.52 firefox.sh 11:59:34 firefox 15008 R 128 0 36.48 firefox 11:59:34 zeitgeist-daem 2988 S 0 0 62.23 activity.sqlite-wal 11:59:34 zeitgeist-fts 2996 R 8192 40 15.67 postlist.DB 11:59:34 firefox 15008 R 140 0 18.05 dependentlibs.list 11:59:34 zeitgeist-fts 2996 S 0 0 25.96 position.tmp 11:59:34 firefox 15008 R 4096 0 10.67 libplc4.so 11:59:34 zeitgeist-fts 2996 S 0 0 11.29 termlist.tmp ...
Na-esote, ka anyị banye n'ime ibipụta ahịrị kwa diski I/O nke ọ bụla, yana nkọwa dịka ID nhazi, ngalaba, bytes, latency n'etiti ndị ọzọ na-eji biosnoop:
$ sudo ./biosnoop TIME(s) COMM PID DISK T SECTOR BYTES LAT(ms) 0.000000000 ? 0 R -1 8 0.26 2.047897000 ? 0 R -1 8 0.21 3.280028000 kworker/u4:0 14871 sda W 30552896 4096 0.24 3.280271000 jbd2/sda1-8 545 sda W 29757720 12288 0.40 3.298318000 jbd2/sda1-8 545 sda W 29757744 4096 0.14 4.096084000 ? 0 R -1 8 0.27 6.143977000 ? 0 R -1 8 0.27 8.192006000 ? 0 R -1 8 0.26 8.303938000 kworker/u4:2 15084 sda W 12586584 4096 0.14 8.303965000 kworker/u4:2 15084 sda W 25174736 4096 0.14 10.239961000 ? 0 R -1 8 0.26 12.292057000 ? 0 R -1 8 0.20 14.335990000 ? 0 R -1 8 0.26 16.383798000 ? 0 R -1 8 0.17 ...
Mgbe nke ahụ gasịrị, anyị na-aga n'ihu iji cachestat iji gosipụta otu ahịrị ọnụ ọgụgụ achịkọtara site na cache sistemụ kwa sekọnd ọ bụla. Nke a na-enyere aka maka nhazigharị sistemu site n'ịtụ aka na obere cache hit ratio na ọnụ ọgụgụ dị elu nke efu:
$ sudo ./cachestat
HITS MISSES DIRTIES READ_HIT% WRITE_HIT% BUFFERS_MB CACHED_MB
0 0 0 0.0% 0.0% 19 544
4 4 2 25.0% 25.0% 19 544
1321 33 4 97.3% 2.3% 19 545
7476 0 2 100.0% 0.0% 19 545
6228 15 2 99.7% 0.2% 19 545
0 0 0 0.0% 0.0% 19 545
7391 253 108 95.3% 2.7% 19 545
33608 5382 28 86.1% 13.8% 19 567
25098 37 36 99.7% 0.0% 19 566
17624 239 416 96.3% 0.5% 19 520
...
Na-enyocha njikọ TCP kwa sekọnd site na iji tcpconnect. Ihe mmepụta ya gụnyere adreesị isi mmalite na ebe njedebe, yana nọmba ọdụ ụgbọ mmiri. Ngwá ọrụ a bara uru maka ịchọta njikọ TCP na-atụghị anya ya, si otú a na-enyere anyị aka ịchọpụta adịghị arụ ọrụ na nhazi ngwa ma ọ bụ onye na-awakpo.
$ sudo ./tcpconnect PID COMM IP SADDR DADDR DPORT 15272 Socket Threa 4 10.0.2.15 91.189.89.240 80 15272 Socket Threa 4 10.0.2.15 216.58.199.142 443 15272 Socket Threa 4 10.0.2.15 216.58.199.142 80 15272 Socket Threa 4 10.0.2.15 216.58.199.174 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 117.18.237.29 80 15272 Socket Threa 4 10.0.2.15 216.58.199.142 80 15272 Socket Threa 4 10.0.2.15 216.58.199.131 80 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 52.222.135.52 443 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 54.200.62.216 443 15272 Socket Threa 4 10.0.2.15 216.58.199.132 443 15272 Socket Threa 4 10.0.2.15 216.58.199.131 443 15272 Socket Threa 4 10.0.2.15 216.58.199.142 443 15272 Socket Threa 4 10.0.2.15 54.69.17.198 443 15272 Socket Threa 4 10.0.2.15 54.69.17.198 443 ...
Ngwa niile dị n'elu nwekwara ike iji nhọrọ dị iche iche, iji mee ka ibe enyemaka maka ngwa enyere, jiri nhọrọ -h, dịka ọmụmaatụ:
$ sudo ./tcpconnect -h
usage: tcpconnect [-h] [-t] [-p PID] [-P PORT]
Trace TCP connects
optional arguments:
-h, --help show this help message and exit
-t, --timestamp include timestamp on output
-p PID, --pid PID trace this PID only
-P PORT, --port PORT comma-separated list of destination ports to trace.
examples:
./tcpconnect # trace all TCP connect()s
./tcpconnect -t # include timestamps
./tcpconnect -p 181 # only trace PID 181
./tcpconnect -P 80 # only trace port 80
./tcpconnect -P 80,81 # only trace port 80 and 81
Ka ịchọta syscals exec()s dara ada, were nhọrọ -x nwere opensnoop dị ka n'okpuru:
$ sudo ./opensnoop -x PID COMM FD ERR PATH 15414 pool -1 2 /home/.hidden 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpu/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpu/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpuacct/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/cpuacct/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/blkio/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/blkio/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/memory/system.slice/systemd-hostnamed.service/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/memory/system.slice/cgroup.procs 15415 (ostnamed) -1 2 /sys/fs/cgroup/pids/system.slice/systemd-hostnamed.service/cgroup.procs 2548 compiz -1 2 15416 systemd-cgroups -1 2 /run/systemd/container 15416 systemd-cgroups -1 2 /sys/fs/kdbus/0-system/bus 15415 systemd-hostnam -1 2 /run/systemd/container 15415 systemd-hostnam -1 13 /proc/1/environ 15415 systemd-hostnam -1 2 /sys/fs/kdbus/0-system/bus 1695 dbus-daemon -1 2 /run/systemd/users/0 15415 systemd-hostnam -1 2 /etc/machine-info 15414 pool -1 2 /home/tecmint/.hidden 15414 pool -1 2 /home/tecmint/Binary/.hidden 2599 dconf-service -1 2 /run/user/1000/dconf/user ...
Ọmụmaatụ ikpeazụ n'okpuru na-egosi otu esi arụ ọrụ nchọta omenala. Anyị na-achọpụta otu usoro site na iji PID ya.
Buru ụzọ chọpụta ID usoro:
$ pidof firefox 15437
Ka emechara, mee iwu nchọta omenala. N'iwu dị n'okpuru: -p na-akọwapụta NJ usoro, do_sys_open() bụ ọrụ kernel nke a na-achọpụta nke ọma gụnyere arụmụka nke abụọ dị ka eriri.
$ sudo ./trace -p 4095 'do_sys_open "%s", arg2' TIME PID COMM FUNC - 12:17:14 15437 firefox do_sys_open /run/user/1000/dconf/user 12:17:14 15437 firefox do_sys_open /home/tecmint/.config/dconf/user 12:18:07 15437 firefox do_sys_open /run/user/1000/dconf/user 12:18:07 15437 firefox do_sys_open /home/tecmint/.config/dconf/user 12:18:13 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:13 15437 firefox do_sys_open /dev/urandom 12:18:13 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /usr/share/fonts/truetype/liberation/LiberationSans-Italic.ttf 12:18:14 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:14 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /sys/devices/system/cpu/present 12:18:15 15437 firefox do_sys_open /dev/urandom 12:18:15 15437 firefox do_sys_open /dev/urandom ....
Nchịkọta
BCC bụ ngwa ọrụ dị ike ma dị mfe iji maka ọrụ nchịkwa Sistemu dị iche iche dị ka nyochaa arụmọrụ sistemu, tracing ngọngọ ngwaọrụ I/O, ọrụ TCP, sistemụ faịlụ, syscalls, Node.js probes, yana ọtụtụ ndị ọzọ. Ihe dị mkpa, ọ na-eji ọtụtụ faịlụ atụ na ibe mmadụ na-ebubata maka ngwaọrụ iji duzie gị, na-eme ka ọ bụrụ enyi na enyi na ntụkwasị obi.
N'ikpeazụ ma ọ dịghị ihe ọzọ, ị nwere ike ịlaghachikwute anyị site n'ịkesa echiche gị banyere isiokwu ahụ, jụọ ajụjụ, mee aro ndị bara uru ma ọ bụ nzaghachi ọ bụla bara uru site na ngalaba nkọwa n'okpuru.
Maka ozi ndị ọzọ na ojiji nleta: https://iovisor.github.io/bcc/