undump.bt(8)                System Manager's Manual               undump.bt(8)

NAME

       undump.bt - Catch UNIX domain socket packets. Uses bpftrace/eBPF.

SYNOPSIS

       undump.bt

DESCRIPTION

       undump.bt traces the reception of data on UNIX domain sockets.

       This program is also a basic example of bpftrace and kprobes.

       Since this uses BPF, only the root user can use this tool.

REQUIREMENTS

       CONFIG_BPF and bpftrace.

EXAMPLES

       Trace reception of UNIX domain sockets:
              # undump.bt

FIELDS

       TIME   A timestamp on the output, in "HH:MM:SS" format.

       COMM   The process COMM.

       PID    The process ID.

       SIZE   The size of the received packet, in bytes.

       DATA   Display received packets in hex or string.

OVERHEAD

       The overhead of this program comes mainly from printing the received
       data packets to the terminal.

SOURCE

       This is from bpftrace.

              https://github.com/iovisor/bpftrace

       Also look in the bpftrace distribution for a companion _examples.txt
       file containing example usage, output, and commentary for this tool.

       This is a bpftrace version of the bcc examples/tracing of the same
       name.  The bcc tool may provide more options and customizations.

              https://github.com/iovisor/bcc

OS

       Linux

STABILITY

       Unstable - in development.

AUTHOR

       Rong Tao

SEE ALSO

       opensnoop.bt(8)

USER COMMANDS                     2022-06-03                      undump.bt(8)