Timestamping netstat runs? - solaris

Is there an option that allows me to print a time stamp for the system time of each run of netstat? Done some looking on the man page, but nothing seems to do the trick.
For instance, if I start a run of netstat -vI 10 at 9:30:00, I'd want:
<9:30:00> [INSERT_DATA_HERE]
<9:30:10> [INSERT_DATA_HERE]
etc.
Or is it better if I just write a script to run a 'date' command and pipe the catted output to a text file?

If you are running the current Solaris version (Solaris 11.*), you can use the -T u or -T d option to get a timestamp for each statistic line.
Otherwise, with Solaris 10 and older, there is no built-in option, but you can put the start timestamp and the interval in the netstat output filename this way:
netstat -v -I interface 10 > netstat-vI-10s-$(date +%FT%T).out

Related

How can I get process command line from PowerShell Core on Ubuntu?

I'm on a Ubuntu 18.04 server. I know the full command line information can be grabbed by ps auxww. For example, by running ps auxww, I know the command /usr/local/bin/my-program -parameter :8888 is running. How can I get the same info from PowerShell? I searched around and all the info is about how to get the command line info on Windows.
On Ubuntu 18.04 PowerShell, did you try ps -a -F? It should give the details you are looking for.
If you need specific details about the running/all processes, try more options with the ps --help all or ps --help output commands:
PS> ps --help output
Usage:
ps [options]
Basic options:
-A, -e all processes
-a all with tty, except session leaders
a all with tty, including other users
-d all except session leaders
-N, --deselect negate selection
r only running processes
T all processes on this terminal
x processes without controlling ttys
Output formats:
-F extra full
-f full-format, including command lines
f, --forest ascii art process tree
-H show process hierarchy
-j jobs format
j BSD job control format
-l long format
l BSD long format
-M, Z add security data (for SELinux)
-O <format> preloaded with default columns
O <format> as -O, with BSD personality
-o, o, --format <format>
user-defined format
s signal format
u user-oriented format
v virtual memory format
X register format
-y do not show flags, show rss vs. addr (used with -l)
--context display security context (for SELinux)
--headers repeat header lines, one per page
--no-headers do not print header at all
--cols, --columns, --width <num>
set screen width
--rows, --lines <num>
set screen height
--help <simple|list|output|threads|misc|all>
display help and exit
For more details see ps(1).

sh: variable substitution with heredoc

cat "${pos}" | /usr/bin/iconv -f CP1251 -t UTF-8 | uniq | sed -En "/^CLIENT_ID.*/!p" | while read line
do
.....
......
cat >> "$TMPFILE" << EOF
INSERT INTO ......;
EOF
done
As you can see each iteration writes a SQL statement to a tmp-file.
I launched this script from a regular interactive shell and got the expected output. Launched from a cron job - nothing.
After investigating I found a problem. When I use "$TMPFILE" without "" the script works ok. Why does this happen?
OS: FreeBSD, bourne shell.
IIRC, cron doesn't source all the files that a login shell does, so you will end up with different settings for environment variables. Could be the path $TMPFILE is pointing to contains spaces when run from cron for example.
Also, on some systems (depending on setup), cron uses a different shell. So if you start your script from the command line, for example, /usr/bin/sh might be used, whereas when started by cron, /bin/sh is used. (I have no experience with *BSD, but I have observed this on Linux.)

Why emacsclient can't find socket after executing 'emacs --daemon'

It is so confusing that emacsclient said it can't find socket just after executing emacs --daemon in bash:
$ ps aux | grep emacs
shiangro 1744 0.0 0.0 2432784 604 s000 S+ 1:03下午 0:00.00 grep emacs
$ /usr/local/bin/emacs --daemon
("emacs")
Starting Emacs daemon.
Restarting server
$ /usr/local/bin/emacsclient -t
emacsclient: can't find socket; have you started the server?
To start the server in Emacs, type "M-x server-start".
emacsclient: No socket or alternate editor. Please use:
--socket-name
--server-file (or environment variable EMACS_SERVER_FILE)
--alternate-editor (or environment variable ALTERNATE_EDITOR)
I have these settings in my .emacs:
(server-start)
(setq server-socket-dir "~/.emacs.d/server")
and it works; the server file ~/.emacs.d/server/server was right there, but emacsclient says it can't find the socket. It is so annoying that I have to tell it the socket file using the -s option.
I found this thorny problem while trying to run emacs as a daemon after every reboot (start) of the system by using crontab's @reboot special string.
In this case, cron successfully started the emacs server and the server file ~/.emacs.d/server/server was also there, but later when I started a terminal and tried emacsclient -t, it failed and complained that it can't find the socket file!
Although I can bypass this problem by using -s ~/.emacs.d/server/server every time I execute emacsclient, or by aliasing emacsclient as emacsclient -s ~/.emacs.d/server/server, is there a better way to comfort my heart?
Background:
system: Mac OS X 10.9.2
emacs: GNU Emacs 24.3.1 installed by homebrew
Finding the server socket file is the tricky bit, you can use lsof to find it, and then a bit of grep-ing to extract the socket path/filename.
lsof -c emacs | grep server | grep -E -o '[^[:blank:]]*$'
Or on OSX when you expect to be running /Application/Emacs you'd change the command name lsof is looking for with -c Emacs. ie.
lsof -c Emacs | grep server | grep -E -o '[^[:blank:]]*$'
You could use cut instead of the messy filtering grep (searching for non-blanks until the line end [^[:blank:]]*$)
lsof -c Emacs | grep server | cut -c70-
Better yet, squish the interspacing and use cut's field chopping.
lsof -c Emacs | grep server | tr -s " " | cut -d' ' -f8
Now that you have the socket (or it's empty) you can do a conditional start on emacsclient, ie.
#!/bin/bash
socket_file=$(lsof -c Emacs | grep server | tr -s " " | cut -d' ' -f8)
if [[ -z "$socket_file" ]]; then
    # Just run Emacs (with any arguments passed to the script)
    # It would be a good idea to parse the arguments and clean/remove
    # anything emacsclient specific.
    # (ie. -e should be --eval for emacs)
    # note that emacsclient doesn't fix these args for you either
    # when using -a / --alternate-editor
    emacs "$@" &
    # or on OSX (use this line instead of the one above)
    # /Applications/Emacs.app/Contents/MacOS/Emacs "$@" &
else
    # Quote the socket path so a path containing spaces still works
    emacsclient "$@" -n -s "$socket_file"
fi
Since you've done:
/usr/local/bin/emacs --daemon
the server is already started. So, you don't actually need the:
(server-start)
(setq server-socket-dir "~/.emacs.d/server")
in your .emacs. When you follow that approach, the server is placed in /tmp/emacs502 (or maybe some other number). On Linux, emacsclient doesn't seem to have trouble finding it there (in that case I'm seeing /tmp/emacs1920), and so "emacsclient -nw" works. I'm trying it on OSX using HomeBrew, as you are, and I find I have to connect using:
emacsclient -nw -s /tmp/emacs502/server
(If you used --daemon=name, then you would use "name" instead of "server" in that last line.)
emacsclient only finds the emacs server if I run emacs from the command line. If I run emacs from the Ubuntu launcher then emacsclient fails to connect to the server.
If you want to use the Emacs daemon instead of the server, define the two environment variables
export ALTERNATE_EDITOR=""
export EDITOR=emacsclient
You can add these environment variables in either ~/.bashrc or ~/.profile.
If the ALTERNATE_EDITOR environment variable is empty, then Emacs will run its daemon and connect to it.
I think emacsclient can only look for the special file server in the standard path, e.g. in /tmp/emacs1000. If you change the server-socket-dir parameter, then you should tell emacsclient about it with the -s key.

Bash: how to make a substitution in a "live" pipe?

In my office firewall I use a command like this:
$ sudo tcpdump -v -s 1500 -i eth0 port 25 | grep 'smtp: S'
to monitor LAN clients sending mail (I need to early detect any possible spammer bot from some client, we have very looooose security policies, here... :-().
So far, so good: I have a continuous output as soon as any client sends an email.
But, if I add some filter to get a cleaner output, something like this:
$ sudo tcpdump -v -s 1500 -i eth0 port 25 | grep 'smtp: S' | perl -pe 's/(.*?\)) (.*?)\.\d+ \>(.*)/$2/'
(here I intend to get only source ip/name), I do not get any output until tcpdump output is more than (bash?) buffer size... (or at least I suppose so...).
Nothing changes using 'sed' instead of 'perl'...
Any hint to get a continuous output of filtered data?
Put stdbuf before the first command:
sudo stdbuf -o0 tcpdump ...
But, if I add some filter to get a cleaner output, something like
this:
Use the --line-buffered option for grep:
--line-buffered
Use line buffering on output. This can cause a performance
penalty.
Try maybe sed --unbuffered (or -u sometimes, like on AIX) to get a streaming version (not waiting for EOF).
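The answers above combined into one line-buffered pipeline, extended with a per-source counter for the asker's goal of spotting a client that opens many SMTP connections. This is an added example, not code from the thread; the function names, the sample capture and the alert threshold are assumptions, and the sample lines are constructed in the older one-line tcpdump -v format that the question's 'smtp: S' pattern matches.

```bash
#!/usr/bin/env bash
# Added example (not from the thread). Assumes GNU grep/sed and the older
# one-line "tcpdump -v" format that the question's 'smtp: S' pattern matches.

# Print the source host of each SMTP SYN as soon as its line arrives.
# grep --line-buffered and sed -u flush per line instead of per block.
smtp_syn_sources() {
    grep --line-buffered 'smtp: S' |
        sed -u -E 's/.*\) ([^ ]+)\.[0-9]+ > .*/\1/'
}

# flag_bursts N: emit "ALERT <source> <count>" when a source reaches N SYNs.
# fflush() stops awk from holding the alert in its own output buffer.
flag_bursts() {
    awk -v max="$1" '++n[$1] == max { print "ALERT", $1, n[$1]; fflush() }'
}

# Constructed capture: three SYNs from one client, one from another,
# plus a SYN-ACK reply and a data packet that must both be ignored.
sample_capture() {
    cat <<'EOF'
09:30:01.000001 IP (tos 0x0, ttl 64, id 1, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.0.12.40001 > mail.example.com.smtp: S 100:100(0) win 5840 <mss 1460>
09:30:01.500000 IP (tos 0x0, ttl 64, id 2, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.0.40.40100 > mail.example.com.smtp: S 200:200(0) win 5840 <mss 1460>
09:30:02.000001 IP (tos 0x0, ttl 64, id 3, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.0.12.40002 > mail.example.com.smtp: S 300:300(0) win 5840 <mss 1460>
09:30:02.100000 IP (tos 0x0, ttl 60, id 4, offset 0, flags [DF], proto: TCP (6), length: 60) mail.example.com.smtp > 192.168.0.12.40002: S 900:900(0) ack 301 win 5792 <mss 1460>
09:30:03.000001 IP (tos 0x0, ttl 64, id 5, offset 0, flags [DF], proto: TCP (6), length: 60) 192.168.0.12.40003 > mail.example.com.smtp: S 400:400(0) win 5840 <mss 1460>
09:30:03.200000 IP (tos 0x0, ttl 64, id 6, offset 0, flags [DF], proto: TCP (6), length: 81) 192.168.0.12.40001 > mail.example.com.smtp: P 101:130(29) ack 901 win 5840
EOF
}

# Offline demo on the constructed capture:
#   sample_capture | smtp_syn_sources | flag_bursts 3
# Live use (tcpdump -l line-buffers its stdout; the threshold is an assumption):
#   sudo tcpdump -l -v -s 1500 -i eth0 port 25 | smtp_syn_sources | flag_bursts 20
```

Every stage has to flush per line: leaving buffering on in any one of tcpdump, grep, sed or awk brings back the delayed output described in the question.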

Getting around truncated "ps"

I'm trying to write a script that will find a particular process based on a keyword, extract the PID, then kill it using the found PID.
The problem I'm having in Solaris is that, because the "ps" results are truncated, the search based on the keyword won't work because the keyword is part of the section (past 80 characters) that is truncated.
I read that you can use "/usr/ucb/ps awwx" to get something more than 80 characters, but as of Solaris 10, this needs to be run from root, and I can't avoid that restriction in my script.
Does anyone have any suggestions for getting that PID? The first 80 characters are too generic to search for (part of a java command).
Thanks.
This works for me, at least on Joyent SmartMachine:
/usr/ucb/ps auxwwww
Your assumption about ps behavior is incorrect. Even while you aren't logged in as root, "/usr/ucb/ps -ww" doesn't truncate arguments for processes you own, i.e. for processes you can kill, which are the only ones you are interested in.
$ cat /etc/release
Oracle Solaris 10 9/10 s10x_u9wos_14a X86
Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
Assembled 11 August 2010
$ id
uid=1000(jlliagre) gid=1000(jlliagre)
$ /usr/ucb/ps | grep abc
2035 pts/3 S 0:00 /bin/ksh ./abc aaaaaaaaaaaaaaaaaaaaaaaaaaa bbbbbbbbbbbb
$ /usr/ucb/ps -ww | grep abc
2035 pts/3 S 0:00 /bin/ksh ./abc aaaaaaaaaaaaaaaaaaaaaaaaaaa bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb ccccccccccccccccccccccccccccccccccccccccccccccccccccccc ddddddddddddddddddddddddddddddddddddddddddd
I would suggest pgrep and pkill - http://www.opensolarisforum.org/man/man1/pkill.html - instead.
Edit 0:
How about this ugly procfs hack instead:
~$ for f in /proc/[0-9]*/cmdline; do if grep -q --binary-files=text KEYWORD $f; \
> then l=`dirname $f`;p=`basename $l`; echo "killing $p"; kill $p; fi; done
I'm sure there's a shorter incantation for this but my shell-fu is a bit rusty.
Disclaimers: only tested in bash on Linux, would probably match itself too.
pargs will help here, though you'll have to iterate through all of the running procs, which is a little annoying. But this will at least show you all of a proc's arguments when ps would truncate them.
user@machine:(/home/user)> pargs 23097
23097: /usr/bin/bash ./test.sh aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa bbbb
argv[0]: /usr/bin/bash
argv[1]: ./test.sh
argv[2]: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
argv[3]: bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
argv[4]: ccccccccccccccccccccccccccccccccccccccccc
ps "whatever your options" | cat
Works for me; trying to fool ps that stdout is not a tty.
I don't remember exactly about Solaris and I don't have access to it now, only tomorrow, but in any case it's better to order the fields you want — simplifies parsing.
ps -o pid,args
If the output is truncated, maybe setting the column name to long string shall help.
/usr/ucb/ps -auxww | grep <processname> or <PID>
Use the -w option (twice for unlimited width):
$ ps -w -w -A -o pid,cmd