This is the mail archive of the
systemtap@sourceware.org
mailing list for the systemtap project.
Re: Fwd: Any way to find the network usage by a process?
- From: "Jose R. Santos" <jrs at us dot ibm dot com>
- To: Irfan Habib <irfan dot habib at gmail dot com>
- Cc: Linux kernel <linux-kernel at vger dot kernel dot org>, SystemTAP <systemtap at sources dot redhat dot com>
- Date: Tue, 03 Oct 2006 10:47:09 -0500
- Subject: Re: Fwd: Any way to find the network usage by a process?
- Organization: IBM
- References: <3420082f0610030114o5b44b8ak7797483e02002614@mail.gmail.com> <3420082f0610030114o4c6998en907bccce81d28c59@mail.gmail.com>
- Reply-to: jrs at us dot ibm dot com
Irfan Habib wrote:
Hi,
Is there any method either kernel or user level which tells me which
process is generating how much traffic from a machine. For example if
some process is flooding the network, then I would like to know which
process (PID ideally), is generating the most traffic.
A while ago I did a SystemTap script to solve a problem similar to
this. It's been siting in my system for a while collecting dust and you
currently don't need the embedded C code since the networking.stp tapset
has all this script needs(and more), but I should point you in the right
direction.
This worked a couple of months ago but it is currently untested. Hope
it helps.
-JRS
global ifstats, ifdevs, execname
%{
#include<linux/skbuff.h>
#include<linux/netdevice.h>
%}
probe kernel.function("dev_queue_xmit")
{
execname[pid()] = execname()
name=skb_to_name($skb)
ifdevs[name] = name
ifstats[pid(),name] <<< 1
}
function skb_to_name:string (skbuff:long)
%{
struct sk_buff *skbuff = (struct sk_buff *)((long)THIS->skbuff);
struct net_device *netdev = skbuff->dev;
sprintf (THIS->__retvalue, "%s" , netdev->name);
%}
probe timer.ms(5000)
{
exit()
}
probe end {
foreach( pid in execname) {
if (pid == 0) continue
printf("%15s[%5d] ->\t", execname[pid],pid)
foreach( ifname in ifdevs) {
printf("[%s:%7d] \t", ifname,
@count(ifstats[pid, ifname]))
}
print("\n")
}
print("\n")
}