> To All (This is mainly for the Mac DTrace 3, Adam Leventhal, Bryan > Cantrill, Mike Shapiro).. > We appreciate your desire to go to the source. It's a lot like posting a question on relativity, and indicating you'd really like an answer from Einstein.... :^)
That said, there's great news - the DTrace community is growing all the time, and there are many, many DTrace experts that can help. So Brian, Mike and Adam (and Eric, and Brendan, and Jon), can spend more time catching up on People magazine, tracking alien landings in the National Enquirer, and playing FishPong.... :^) > From what I have learned from DTrace is that you can monitor the > system calls of either the OS probes or individual processes. Let's start with terminology here. Systems calls are not issued by the OS - application processes (threads) issue system calls to enter the OS for a privileged operation (e.g. open a file). Please clarify what you mean by "OS probes" - are you referring to DTrace probes, or OS X IOKit probes? Are you interested in dtrace'ing dtrace? I'm not breaking your you-know-whats....I'm sincerely interested in making sure we agree on terminology. The notion of "OS probes" issuing system calls is not clear to me. > Also, > on the Mac you are able to monitor Objective-C calls by specifying an > individual Cocoa application. For my particular project I need to > track 3 tasks: when any arbitrary application accesses a file, when > any web page is accessed, and when any mail client assesses an email. > My knowledge of DTrace tells me that I need to create probes for every > application that can do these three types of tasks. Is there another > approach that does not need to know every type of application or > process that can do these 3 tasks? > "... any arbitrary application accesses a file" - Are you interested in tracking access to one specific file by any possible process? I assume the machine you're monitoring is running a WEB server, and an email server? There's a couple ways to do this, depending somewhat on your configuration. For tracking access to a file, you can use the system call provider and a predicate on arg0, which is a pointer to a pathname string. For the second two items, I'd start with monitoring the httpd process and mail server process with the syscall provider to determine the syscall path to the patterns you're interested in. Once you've established that, you can whittle all this down to a relatively simple script that does what you want. Make sense? (In case it does not) - In other words, as a general methodology, I sometimes use dtrace to get a broad view of what a particular application process is doing, e.g. grab a system call profile of a httpd process, to establish the specific calls (and, in some cases, args) used when something of interest is happening (e.g. accessing a static WEB page). From there I use that information to create a dtrace script that is intended to hone-in on that particular flow of activity. HTH, /jim > I appreciate any feedback one could give. > > Thanks in advanced, > > Blake > _______________________________________________ > dtrace-discuss mailing list > dtrace-discuss@opensolaris.org > _______________________________________________ dtrace-discuss mailing list dtrace-discuss@opensolaris.org
