IO and system calls
Monitor network and disk IO:
dstat -t
To get the list of available system calls use:
sudo dtrace -ln 'syscall:::entry'
Find which files a program is opening (same as strace -f -p $PID -e open):
sudo dtruss -t open_nocancel -p $PID
Also see ls /usr/bin/.d*
Monitor system calls made by an app:
strace ruby app.rb
Writes all system calls made by SSH, and subprocesses (-f), to a file named ssh.txt:
strace -f -o ssh.txt ssh jebus.com
Spy on all ‘open’ system calls made by a process:
strace -f -p $PID -e open
Use these commands to see a list of all available system calls (Linux only):
man syscalls
Monitor what files are being opened:
opensnoop -p $PID
strace -e open -p $PID
Networking
Pipe/copy data over a network:
cat request.txt | nc metafilter.com 80
Find which programs are listening to which port:
sudo netstat -tunapl
lsof -i -P # OSX
Listen to traffic containing the string “localhost” on any network interface:
sudo ngrep -d any localhost
Listen to traffic containing the string “localhost” on any network interface:
sudo tcpdump port 80 -w http.pcap
Writes a pcap file that can be analyzed with Wireshark.
Analyze pcap files from ngrep, tcpdump, etc:
wireshark http.pcap
CPU (Linux)
Run perf, a sampling profiler, to see where your application is spending its time:
sudo perf record ruby app.rb
Find out what the program using the most CPU time is doing:
sudo perf top
Find out if an app is using the L1 cache which is ~200 times faster than RAM:
sudo perf stat -e L1-dcache-load-misses my_golang_app
References