1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
| # New processes with arguments
dtrace -n 'proc:::exec-success { trace(curpsinfo->pr_psargs); }'
# Files opened by process
dtrace -n 'syscall::open*:entry { printf("%s %s",execname,copyinstr(arg0)); }'
# Syscall count by program
dtrace -n 'syscall:::entry { @num[execname] = count(); }'
# Syscall count by syscall
dtrace -n 'syscall:::entry { @num[probefunc] = count(); }'
# Syscall count by process
dtrace -n 'syscall:::entry { @num[pid,execname] = count(); }'
# Disk size by process
dtrace -n 'io:::start { printf("%d %s %d",pid,execname,args[0]->b_bcount); }'
# Pages paged in by process
dtrace -n 'vminfo:::pgpgin { @pg[execname] = sum(arg0); }'
|