Hi,
Thanks for your reply. Some other stuff. I found that lttng is working on
container awareness in this
slides: https://archive.fosdem.org/2019/schedule/event/containers_lttng/attachments/slides/3419/export/events/attachments/containers_lttng/slides/3419/lttng_containers_fosdem19.pdf
On page #13, there is a command: lttng add-context -k -t procname -t pid
-t vpid -t tid -t vtid -t pid_ns, where pid_ns and other namespace identifiers
are very useful for tracing containers. However, it seems like that lttng of
current version doesn't support adding context pid_ns(Error: Unknown context
type pid_ns). Do you know how to enable these features?
Thanks a lot.
Btw, have a nice holiday!
Serica
------------------ ???????? ------------------
??????:
"Mathieu Desnoyers"
<mathieu.desnoy...@efficios.com>;
????????: 2020??12??17??(??????) ????11:27
??????: "Serica"<serica_...@qq.com>;
????: "lttng-dev"<lttng-dev@lists.lttng.org>;
????: Re: [lttng-dev] Possibilities to customize lttng tracepoints in
kernel space
----- On Dec 16, 2020, at 4:19 AM, lttng-dev <lttng-dev@lists.lttng.org>
wrote:
Hi,
I send this email to consult that whether it is possible to customize lttng
tracepoints in kernel space. I have learnt that lttng leverages linux
tracepoint to collect audit logs like system calls. Also, I have found that
user can define their customized tracepoints in user space by using lttng-ust
so that they can trace their user applications.
Is it possible for lttng users to customize the existing tracepoints in kernel
space? For example, after the system call sys_clone, or read, called and then
collected by lttng, I want to process some data ( e.g., the return value of the
syscall ), and place the result in a new field in the audit log ( or using
another approach, by emitting a new type of event in the audit log ), and later
when parsed by babeltrace, we can see the newly-added field or event in the
parsed result.
Looking forward to your reply.
Hi,
You will want to start by having a look at this section of the LTTng
documentation: https://lttng.org/docs/v2.12/#doc-instrumenting-linux-kernel
You can indeed modify lttng-modules to change the fields gathered by the system
call tracing facility (see include/instrumentation/syscalls/README section (3)).
Those changes will be reflected in the resulting trace data.
Thanks,
Mathieu
Best wishes,
Serica
_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
--
Mathieu Desnoyers
EfficiOS Inc.
http://www.efficios.com_______________________________________________
lttng-dev mailing list
lttng-dev@lists.lttng.org
https://lists.lttng.org/cgi-bin/mailman/listinfo/lttng-dev
