获取 ext3 和其他文件系统的类似 nfsstat 的统计信息
对于那些不熟悉 nfsstat 的人:它基本上只是计算对特定函数的调用次数。通过这种方式,人们可以获得有关 NFS I/O 操作的统计数据,从而使用它们来分析性能。
我想以更通用的方式做类似的事情。我想以某种方式计算“stat”调用的数量。如果可能的话,每个安装点的计数。但我不知道从哪里开始。我有足够的使用 C 语言和 libc 库进行编程的技能,但缺乏 Linux 内核的知识。
我觉得这应该通过可加载的内核模块来完成,但我不确定内核 API 是否提供了挂钩这些类型的系统调用的可能性。或者我应该为此使用inotify(不监视统计调用)?
从哪里开始?
For those not familiar with nfsstat: it basically just counts the number of calls to specific functions. This way one can get statistics about NFS I/O operations and thus use them to analyze performance.
I would like to do something like that in a more general fashion. I'd like to somehow count the number of e.g. "stat" calls. If possible a count per mount point. I am however not sure where to start. I have sufficient programming skills using C against the libc library, but lacking knowlegde of the Linux kernel.
I feel this is supposed to be done via a loadable kernel module but I'm not sure the kernel API provides the possibilities to hook into those kinds of system calls. Or should I use inotify for this (doesn't monitor stat calls)?
Where to start?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
要查看系统上发生的所有系统调用,可以使用 Linux 审计子系统 来查看对于特定的系统调用。您可以设置过滤器,例如将监视限制为目录树。文档相当稀疏;从 auditctl 手册页开始,或者本教程。最近的发行版附带了一个auditd 包。安装它并确保auditd守护进程正在运行,然后执行
并观察调用是否记录在
/var/log/audit/audit.log中(或者您的发行版中的任何地方)设置此)。在另一个极端,如果您只对特定进程(以及可选的子进程)进行的系统调用感兴趣,请使用 strace。
在此期间,如果您想观看一堆程序的某些文件系统访问,请通过 loggedfs。这是一个可堆叠的文件系统:它提供了现有目录树的替代视图。它可以记录每个操作,具有丰富的过滤器并附带合理的文档。
To watch all the system calls happening on the system, you can use the Linux audit subsystem to watch for a specific syscall. You can set up filters such as restricting the watch to a directory tree. The documentation is rather sparse; start with the auditctl man page, or perhaps this tutorial. Most recent distributions ship an
auditdpackage. Install it and make sure theauditddaemon is running, then doand watch the calls get logged in
/var/log/audit/audit.log(or wherever your distribution has set this up).At the other extreme, if you're only interested in the system calls made by a particular process (and optionally its subprocesses), use strace.
In between, if you want to watch some of the filesystem accesses of a bunch of programs, make them access the files you're concerned about through loggedfs. This is a stackable filesystem: it provides an alternate view of an existing directory tree. It can log every operation, has rich filters and comes with reasonable documentation.