From what I can see, a DTrace implementation on Linux is held up by licensing and politics. What are the alternatives currently?
Systemtap is designed to solve the same sort of problems as dtrace, and has a similar user interface – the user writes small scripts which attach actions to named probes.
It is said to be unstable, it's not usually compiled into your kernel by default, but once I got it working I didn't have any problems.
You can see how it compares to dtrace in this table on the systemtap website (May be partisan :-)
Dtrace has been partly ported to Linux by Paul Fox, an enthusiast, and is available for download for you to try - check out the links on his blog.
It has been said that kprobes are a dtrace replacement, but I've never tried them.
SystemTap is a higher level abstraction built on Kprobes. For more information about how Kprobes work, you can read my technical article on LWN.
As Alex mentioned, Systemtap is essentially solving the same problem as dtrace, except that it's somewhat slower (you may not perceive it to be so, depending upon what you're trying to do with it) than dtrace and not quite as polished or safe to use.
To install SystemTap SDT development package, try:
yum install systemtap-sdt-devel
sysdig is a great solution now.
Some usage cases include (their wiki has some exceptionally interesting examples):
For Disk I/O
See the top processes in terms of disk bandwidth usage
sysdig -c topprocs_file
List the processes that are using a high number of files
sysdig -c fdcount_by proc.name "fd.type=file"
See the top files in terms of read+write bytes
sysdig -c topfiles_bytes
Print the top files that apache has been reading from or writing to
sysdig -c topfiles_bytes proc.name=httpd
Basic opensnoop: snoop file opens as they occur
sysdig -p "%12user.name %6proc.pid %12proc.name %3fd.num %fd.typechar %fd.name" evt.type=open
See the top directories in terms of R+W disk activity
sysdig -c fdbytes_by fd.directory "fd.type=file"
See the top files in terms of R+W disk activity in the /tmp directory
sysdig -c fdbytes_by fd.filename "fd.directory=/tmp/"
Observe the I/O activity on all the files named 'passwd'
sysdig -A -c echo_fds "fd.filename=passwd"
Display I/O activity by FD type
sysdig -c fdbytes_by fd.type
dtrace does exist for linux (https://github.com/dtrace4linux) and http://crtags.blogspot.com.
Oracle is porting DTrace to linux: https://oss.oracle.com/projects/DTrace/
Don't know wether this only works with their linux distribution or any other too.
Linux has strace/ltrace (see this post about strace). But they aren't really equivalent to DTrace, they just cover a small part of what DTrace can do (actually, DTrace is vastly superior to anything Linux offers).
来源:https://stackoverflow.com/questions/2059311/whats-an-alternative-for-dtrace-on-linux