04-02-2008
snoop -o file.out -d <interface> 10.10.10.10
10 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
I use a paste command on my HP/UX which by specifying single quotation marks my output creates a fixed width file with no delimeters:
paste -d '' a b > temp
on the Sun box the same command recieves an error specifying no delimeters provided.
Both are running ksh. (1 Reply)
Discussion started by: r1500
1 Replies
2. UNIX Benchmarks
I could write a long spec here, however.....we are looking at investing in one of thise shiny blue Sun V440's. Rediculousely expensive, however possibly more cost effective over time...too much time listening to salesmen. To the point has anyone actually performed a comparison for Oracle running on... (4 Replies)
Discussion started by: luker
4 Replies
3. Solaris
Evening...
I just recently purchased an older Ultra 5 with Solaris 8 equiped with NT. I'm not necessarily new to the unix world but this is the first time I've had my own box. I'm used to Unix in the working environment.
So with that said...
Are there any specific files I should be... (2 Replies)
Discussion started by: PapaPark
2 Replies
4. UNIX for Dummies Questions & Answers
Hi,
I need a clarification.
Is there any difference between AIX box and Sun Solaris box?
The bzip command with -c option works in AIX box and the same does not work in Sun Solaris box.
Can anyone please explain if there is an implementation difference in both these boxes for the shell... (1 Reply)
Discussion started by: nisha4680
1 Replies
5. Solaris
Hi.
I'm trying to capture traffic with the snoop command using the net expression but I fail when a I've to specify a subnet
ex: 10.201.64/18
Did you know the correct syntax?
I've tried with
snoop -ta -x0 net 10.201.64.0 255.255.192.0
but doesn't match.
Thnx (4 Replies)
Discussion started by: kurtolo
4 Replies
6. Solaris
i want to migrate sun box 5.8 to 5.10 and also 5.9 to 5.10 with jump start
without ditrubing any users, how it can be done? (3 Replies)
Discussion started by: saini707
3 Replies
7. UNIX for Dummies Questions & Answers
scp file="myfile.txt" todir="user@somehost:(M:drive:/somepath/)"/
Not sure I need it to go to a specific drive on the windows box (1 Reply)
Discussion started by: xgringo
1 Replies
8. Linux
Hi,
What web site I can download the snoop package from and install it into a linux environment, so I can practice and become familiar with the snoop command and capture packets with it.
Thanks , (0 Replies)
Discussion started by: Pouchie1
0 Replies
9. Solaris
Got the console cable all connected up and got tot he ok prompt.
Typed in boot cdrom and got the following:
ok boot cdrom
Boot device: /pci@8,700000/scsi@6/disk@6,0:f File and args:
ERROR: /packages/deblocker: Last Trap: Corrected ECC Error
Can't read disk label.
Can't open disk... (4 Replies)
Discussion started by: bbbngowc
4 Replies
10. Solaris
Hi!
I have run the following command: snoop -q -d e1000g0 -o /var/tmp/optima0.txt & them I am trying to read the output of it with snoop -i /var/tmp/optima0.txt, which is giving me this: # snoop -i /var/tmp/optima0.txt | more
1 0.00000 AIOPTSVR -> 10.100.4.72 TCP D=1393 S=22 Push... (8 Replies)
Discussion started by: fretagi
8 Replies
LEARN ABOUT OSX
opensnoop
opensnoop(1m) USER COMMANDS opensnoop(1m)
NAME
opensnoop - snoop file opens as they occur. Uses DTrace.
SYNOPSIS
opensnoop [-a|-A|-ceghsvxZ] [-f pathname] [-n name] [-p PID]
DESCRIPTION
opensnoop tracks file opens. As a process issues a file open, details such as UID, PID and pathname are printed out.
The returned file descriptor is printed, a value of -1 indicates an error. This can be useful for troubleshooting to determine if applia-
cions are attempting to open files that do not exist.
Since this uses DTrace, only users with root privileges can run this command.
OPTIONS
-a print all data
-A dump all data, space delimited
-c print current working directory of process
-e print errno value
-g print full command arguments
-s print start time, us
-v print start time, string
-x only print failed opens
-Z print zonename
-f pathname
file pathname to snoop
-n name
process name to snoop
-p PID process ID to snoop
EXAMPLES
Default output, print file opens by process as they occur,
# opensnoop
Print human readable timestamps,
# opensnoop -v
See error codes,
# opensnoop -e
Snoop this file only,
# opensnoop -f /etc/passwd
FIELDS
ZONE Zone name
UID User ID
PID Process ID
PPID Parent Process ID
FD File Descriptor (-1 is error)
ERR errno value (see /usr/include/sys/errno.h)
CWD current working directory of process
PATH pathname for file open
COMM command name for the process
ARGS argument listing for the process
TIME timestamp for the open event, us
STRTIME
timestamp for the open event, string
DOCUMENTATION
See the DTraceToolkit for further documentation under the Docs directory. The DTraceToolkit docs may include full worked examples with ver-
bose descriptions explaining the output.
EXIT
opensnoop will run forever until Ctrl-C is hit.
BUGS
occasionally the pathname for the file open cannot be read and the following error will be seen,
dtrace: error on enabled probe ID 6 (...): invalid address
this is normal behaviour.
AUTHOR
Brendan Gregg [Sydney, Australia]
SEE ALSO
dtrace(1M), truss(1)
version 1.60 Jan 12, 2006 opensnoop(1m)