• 系统分析与排障利器sysdig


    【简介】

    https://github.com/draios/sysdig

    【安装】

    安装方法:

    CentOS, RHEL, Fedora, Amazon Linux
    
    Trust the Draios GPG key, configure the yum repository
    rpm --import https://s3.amazonaws.com/download.draios.com/DRAIOS-GPG-KEY.public  
    curl -s -o /etc/yum.repos.d/draios.repo https://s3.amazonaws.com/download.draios.com/stable/rpm/draios.repo
    Install the EPEL repository
    Note: The following command is required only if DKMS is not available in the distribution. You can verify if DKMS is available with yum list dkms
    
    rpm -i https://mirror.us.leaseweb.net/epel/6/i386/epel-release-6-8.noarch.rpm
    Install kernel headers
    Warning: The following command might not work with any kernel. Make sure to customize the name of the package properly
    
    yum -y install kernel-devel-$(uname -r)
    Install sysdig
    yum -y install sysdig

    【使用】

     sysdig -cl  列出可用的目录

    [loki@loki-c7t1 ~]$ sysdig -cl |more
    
    Category: Application  # 应用
    ---------------------
    httplog         HTTP requests log
    httptop         Top HTTP requests
    memcachelog     memcached requests log
    
    Category: CPU Usage  # CPU用量
    -------------------
    spectrogram     Visualize OS latency in real time.
    subsecoffset    Visualize subsecond offset execution time.
    topcontainers_cpu
                    Top containers by CPU usage
    topprocs_cpu    Top processes by CPU usage
    
    Category: Errors   # 错误信息
    ----------------
    topcontainers_error
                    Top containers by number of errors
    topfiles_errors Top files by number of errors
    topprocs_errors top processes by number of errors
    
    Category: I/O    # 磁盘IO相关
    -------------
    echo_fds        Print the data read and written by processes.
    fdbytes_by      I/O bytes, aggregated by an arbitrary filter field
    fdcount_by      FD count, aggregated by an arbitrary filter field
    fdtime_by       FD time group by
    iobytes         Sum of I/O bytes on any type of FD
    iobytes_file    Sum of file I/O bytes
    spy_file        Echo any read/write made by any process to all files. Optionall
                    y, you can provide the name of one file to only intercept reads
                    /writes to that file.
    stderr          Print stderr of processes
    stdin           Print stdin of processes
    stdout          Print stdout of processes
    topcontainers_file
                    Top containers by R+W disk bytes
    topfiles_bytes  Top files by R+W bytes
    topfiles_time   Top files by time
    topprocs_file   Top processes by R+W disk bytes
    udp_extract     extract data from UDP streams to files.
    
    Category: Logs    # 系统日志相关
    --------------
    spy_logs        Echo any write made by any process to a log file. Optionally, e
                    xport the events around each log message to file.
    spy_syslog      Print every message written to syslog. Optionally, export the e
                    vents around each syslog message to file.
    
    Category: Misc
    --------------
    around          Export to file the events around the time range where the given
                     filter matches.
    
    Category: Net    # 网络相关
    -------------
    iobytes_net     Show total network I/O bytes
    spy_ip          Show the data exchanged with the given IP address
    spy_port        Show the data exchanged using the given IP port number
    topconns        Top network connections by total bytes
    topcontainers_net
                    Top containers by network I/O
    topports_server Top TCP/UDP server ports by R+W bytes
    topprocs_net    Top processes by network I/O
    
    Category: Performance    #  性能相关
    ---------------------
    bottlenecks     Slowest system calls
    fileslower      Trace slow file I/O
    netlower        Trace slow network I/0
    proc_exec_time  Show process execution time
    scallslower     Trace slow syscalls
    topscalls       Top system calls by number of calls
    topscalls_time  Top system calls by time
    
    Category: Security    #  安全相关
    ------------------
    list_login_shells
                    List the login shell IDs
    shellshock_detect
                    print shellshock attacks
    spy_users       Display interactive user activity
    
    Category: System State    # 系统状态
    ----------------------
    lscontainers    List the running containers
    lsof            List (and optionally filter) the open file descriptors.
    netstat         List (and optionally filter) network connections.
    ps              List (and optionally filter) the machine processes.
    
    Category: Tracers
    -----------------
    tracers_2_statsd
                    Export spans duration as statds metrics.
    
    Use the -i flag to get detailed information about a specific chisel

    # 使用-i 查看具体的信息的介绍

    sysdig -i topcontainers_cpu

    # 监控交互用户活动

    自行创建一个日志存放目录:mkdir -p /log/sysdig/ 

    -z 压缩

    -w 写入

    -r 读取

    # 开始监控当前用户正在操作的命令

    sudo  sysdig -z -w /log/sysdig/loki.gz -c spy_users

    # 读取监控信息

    sysdig -r /log/sysdig/loki.gz -c spy_users  

    # 查看R+W读写量最大的文件

    sysdig -c topfiles_bytes

    # 查看占用网络带宽最多的进程

    sysdig -c topprocs_net

    # 显示主机192.168.x.x的网络传输数据

    as binary:
    sysdig -s2000 -X -c echo_fds fd.cip=192.168.x.x
    as ASCII:
    sysdig -s2000 -A -c echo_fds fd.cip=192.168.x.x

    # 查看服务器连接最多的端口

    sysdig -c fdbytes_by fd.sport

    # 查看服务器连接最多的IP

    sysdig -c fdbytes_by fd.cip

    # 查看CPU占用量最大的进程

    sysdig -c topprocs_cpu 

    # 列出所有不是访问apache服务的访问连接

    sysdig -p"%proc.name %fd.name" "proc.name!=httpd"

    # 查看机器所有的HTTP请求

    sudo sysdig -s 2000 -A -c echo_fds fd.port=80 and evt.buffer contains GET

    参考资料:

    https://www.oschina.net/p/sysdig

    https://github.com/draios/sysdig/wiki/sysdig-examples

  • 相关阅读:
    js实现倒计时
    CSS解决ul下面最后一个li的margin
    js手动定时清除localStorage
    js应用中的小细节-时间戳的转换和input输入框有效数字
    javaScript将string转换成array,并将汉字按汉语拼音排序方法
    CSS3属性之text-overflow:ellipsis,指定多行文本中任意一行显示...
    移动端下拉刷新,向后台请求数据
    进程 线程 协程
    网络编程
    flask 2 进阶
  • 原文地址:https://www.cnblogs.com/Cong0ks/p/13434634.html
Copyright © 2020-2023  润新知