DT_Logger

DT_Logger is a configurable data logging suite, based on DTrace and intended for "set and forget" operation. It differs from ordinary DTrace usage in several respects:

  • Dozens of probes are commonly used at the same time.

  • Sets of probes may be defined and used as desired.

  • DT_Logger is generally run in the background.

  • The tracing may go on for (many) days.

  • The output is both human- and machine-readable.

DT_Logger was created to help Morinfo log information about coarse-grained activities (e.g., file access, process and thread creation, signals) of target operating systems. Plans are also afoot to use it (e.g., in Arti) to log the activities of target Ruby on Rails applications, MySQL servers, etc.

Available Information

Base Technologies

DT_Logger is based on:

  • DTrace - Sun's dynamic software tracing facility

  • Ruby - a dynamic programming language

  • YAML - a general-purpose data serialization format

DTrace is a comprehensive dynamic tracing facility, able to report on both operating systems and application software. Although developed and maintained by engineers at Sun Microsystems, DTrace is Open Source. It currently runs on Mac OS X 10.5 and Solaris 10; it is being ported to a number of other OS platforms.

D (DTrace's scripting language) uses a subset of C syntax, but borrows the pattern-action paradigm from Awk. Ruby is a popular scripting language, available on most modern operating systems. YAML support is built into Ruby. DTL support is built into DT_Logger.

Availability

Releases of DT_Logger may be downloaded from the link(s) below:

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 Unported License.

Futures

My plan is to load the log data into a relational database (e.g., MySQL), then analyze the recorded events. For example, the logs might indicate that processes which exec /usr/bin/vi often access .exrc files in various locations. This would let us posit a relationship between the vi program and this sort of file.
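The correlation described above, sketched in Ruby as an added example (not DT_Logger code). The event field names `t`, `pid`, `probe` and `path`, the sample log, and the thresholds are constructed assumptions, since this page does not show DT_Logger's output format.

```ruby
require 'yaml'
require 'set'

# Constructed sample events; field names are assumptions for this example,
# not DT_Logger's actual output format.
SAMPLE_LOG = <<~YAML
  - {t: 1, pid: 101, probe: exec, path: /usr/bin/vi}
  - {t: 2, pid: 101, probe: open, path: /Users/a/.exrc}
  - {t: 3, pid: 102, probe: exec, path: /bin/ls}
  - {t: 4, pid: 102, probe: open, path: /Users/a/notes.txt}
  - {t: 5, pid: 103, probe: exec, path: /usr/bin/vi}
  - {t: 6, pid: 103, probe: open, path: /Users/b/.exrc}
  - {t: 7, pid: 103, probe: open, path: /Users/b/todo.txt}
  - {t: 8, pid: 104, probe: exec, path: /usr/bin/vi}
  - {t: 9, pid: 104, probe: open, path: /tmp/scratch}
  - {t: 10, pid: 101, probe: exec, path: /bin/sh}
  - {t: 11, pid: 101, probe: open, path: /Users/a/.profile}
YAML

# Returns [program, file basename, runs that opened it, share of runs] for
# every pair seen in at least min_runs runs and min_share of that program's runs.
def program_file_relations(events, min_runs: 2, min_share: 0.5)
  current = {}                                  # pid => [program, run id]
  runs = Hash.new { |h, k| h[k] = Set.new }     # program => run ids
  seen = Hash.new { |h, k| h[k] = Set.new }     # [program, basename] => run ids
  events.sort_by { |e| e['t'] }.each_with_index do |e, i|
    case e['probe']
    when 'exec'
      # A new exec replaces the process image, so later opens by the same
      # pid belong to the new program (and to a new "run").
      current[e['pid']] = [e['path'], i]
      runs[e['path']] << i
    when 'open'
      prog, run = current[e['pid']]
      next unless prog # process was exec'd before logging started
      seen[[prog, File.basename(e['path'])]] << run
    end
  end
  seen.filter_map do |(prog, name), ids|
    share = ids.size.to_f / runs[prog].size
    [prog, name, ids.size, share.round(2)] if ids.size >= min_runs && share >= min_share
  end.sort
end

p program_file_relations(YAML.safe_load(SAMPLE_LOG)) if __FILE__ == $PROGRAM_NAME
```

Counting distinct runs rather than raw open events keeps one process that opens the same file many times from looking like a pattern across the program.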

The resulting relationships, along with other information (e.g., statically-derived data; human-entered "facts", "rules", and "notes") will be made available for browsing and viewing in a Ruby on Rails application.


This wiki page is maintained by Rich Morin, an independent consultant specializing in software design, development, and documentation. Please feel free to email comments, inquiries, suggestions, etc!

Topic revision: r33 - 20 Sep 2008, RichMorin