| |
| sw:sysdig:intro [2018/07/05 19:55] – created Frank Fegert | sw:sysdig:intro [2019/07/14 15:24] (current) – Frank Fegert |
|---|
| | ''-q'' | Don't print events on the screen Useful when dumping to disk. | | | ''-q'' | Don't print events on the screen Useful when dumping to disk. | |
| | ''-v'' | Verbose output. | | | ''-v'' | Verbose output. | |
| | ''--version'' | Print version number. | | | ''<nowiki>--version</nowiki>'' | Print version number. | |
| | ''-D'' | Capture events about sysdig itself and print additional logging on standard error. | | | ''-D'' | Capture events about sysdig itself and print additional logging on standard error. | |
| | ''-L'' | List the events that the engine supports. | | | ''-L'' | List the events that the engine supports. | |
| | ''-b'' | Print data buffers in base64. | | | ''-b'' | Print data buffers in base64. | |
| | ''-j'' | Emit output as json, data buffer encoding will depend from the print format selected. | | | ''-j'' | Emit output as json, data buffer encoding will depend from the print format selected. | |
| | ''--unbuffered'' | Turn off output buffering. | | | ''<nowiki>--unbuffered</nowiki>'' | Turn off output buffering. | |
| | ''-t type'' | Change the way event time is displayed. \\ ''h'' for human-readable string \\ ''a'' for absolute timestamp from epoch \\ ''r'' for relative time from the beginning of the capture \\ ''d'' for delta between event enter and exit \\ ''D'' for delta from the previous event | | | ''-t type'' | Change the way event time is displayed. \\ ''h'' for human-readable string \\ ''a'' for absolute timestamp from epoch \\ ''r'' for relative time from the beginning of the capture \\ ''d'' for delta between event enter and exit \\ ''D'' for delta from the previous event | |
| | ''-x'' | Print data buffers in hex. | | | ''-x'' | Print data buffers in hex. | |
| ^ Option ^ Description ^ | ^ Option ^ Description ^ |
| | ''-d'' | Make the given filter a display filter. Capture events first and apply filter later. Less efficient, but ensures no events are lost. | | | ''-d'' | Make the given filter a display filter. Capture events first and apply filter later. Less efficient, but ensures no events are lost. | |
| | ''--filter-proclist'' | Apply the filter to the process table. This hides possibly sensitive information. | | | ''<nowiki>--filter-proclist</nowiki>'' | Apply the filter to the process table. This hides possibly sensitive information. | |
| | ''-E'' | Don't create the user/group tables by querying the OS when sysdig starts. | | | ''-E'' | Don't create the user/group tables by querying the OS when sysdig starts. | |
| | ''-T'' | Tell the driver to make sure full buffers are captured from /dev/null, to make sure that tracers are completely captured. | | | ''-T'' | Tell the driver to make sure full buffers are captured from /dev/null, to make sure that tracers are completely captured. | |
Subscribe to posts
Bityard Blog
Add me on XING
Add me on vutuv
Fork me on GitHub
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Noncommercial-Share Alike 4.0 International