Using perf tool¶
perf tool is a really powerful set of tool available on Linux OS.
Installation¶
perf is packaged in most distribution. The version of the tool is dependent of your kernel version. On a debian with a 3.2 kernel, you have to install linux-tools-3.2:
aptitude install linux-tools-3.2
Usage¶
Live monitoring¶
perf can be used to do a live monitoring of system performance. To do so simply run:
perf top
Old versions may have to add <em>-a</em> to monitor all CPUs.
perf top is a zoomable view
Events: 7K cycles 0.28% [kernel] [k] native_write_msr_safe ▒ 0.27% perf-4040.map [.] 0x37ac83a0f102 ◆ 0.26% [kernel] [k] fput ▒ 0.26% libpthread-2.13.so [.] pthread_rwlock_unlock ▒ 0.22% [kernel] [k] load_balance
If you move with the arrows. When on a line, using right arrow will zoom to the function. And you will even be able to annotate the code:
: /* do the copy */
: for (idx = 0; idx < src->init->sig_size; idx++)
0.00 : 4c6eb4: movl $0x0,-0x4(%rbp)
0.00 : 4c6ebb: jmp 4c6f10 <SigGroupHeadCopySigs+0xcd>
: (*dst)->init->sig_array[idx] = (*dst)->init->sig_array[idx] | src->init->sig_a
0.00 : 4c6ebd: mov -0x28(%rbp),%rax
0.00 : 4c6ec1: mov (%rax),%rax
6.44 : 4c6ec4: mov 0x110(%rax),%rax
First column is the percentage a sample that have been taken by this operation.
Task monitoring¶
It is also possible to monitor a single command:
perf record -a -o run1.dat //usr/local/bin/suricata -r sandnet.pcap
To get a profile from the fetched statistics:
perf report -a -i run1.dat
perf report is an interface which is similar to perf top.