File Manager V1.5

[SYSTEM@ROOT]: /usr/share/doc/bpftrace/examples/
INJECT_FILE:
NEW_ENTRY:

FILE_CONTENT: syncsnoop_example.txt

Demonstrations of syncsnoop, the Linux bpftrace/eBPF version.


Tracing file system sync events:

# ./syncsnoop.bt
Attaching 7 probes...
Tracing sync syscalls... Hit Ctrl-C to end.
TIME      PID    COMM             EVENT
02:02:17  27933  sync             tracepoint:syscalls:sys_enter_sync
02:03:43  27936  sync             tracepoint:syscalls:sys_enter_sync

The output shows calls to the sync() syscall (traced via its tracepoint),
along with various details.


There is another version of this tool in bcc: https://github.com/iovisor/bcc
[ KEMBALI ]
LOG_SESSION: 07:38:45 | ADDR: 216.73.216.46 | VERSION: 1.5_KNTL