Here we demonstrate commands to generate traces using ptrace and submitting them to the object store using coroner.

Snapshot

Traces are generated using the ptrace command. There are a wide range of options for ptrace - which can be viewed with ptrace --help, but we'll look at some simple scenarios here.

The simplest way to generate a trace from an PID is:

ptrace <pid>

It will create a trace file ending in .btt in the current working directory. Later, these will be sent to coroner for viewing.

Most of the time, you will need to associate KVs with the trace:

ptrace <pid> --kv=location:NYC,environment:development

Submission

Once snapshots are generated using ptrace, they will need to be submitted to coroner. This can be done manually by using coroner put or automatically with the coroner daemon.

Manual

The basic format for submitting snapshots to coroner is:

coroner put project_name token_name /path/to/snapshot.btt

If using a self-signed certificate on the coroner server, pass the -k flag to coroner put:

coroner put -k project_name token_name /path/to/snapshot.btt

For more information about coroner, see Coroner Usage

Daemon

coroner can also be run in daemon mode, which allows it to watch a folder and automatically submit any *.btt trace files which are saved to that folder.

Configuration

The [daemon] section in coroner.cf can specify project-level folder watch settings, including the path to a folder to watch, and the associated token.

[daemon]
project-alpha.root=/home/traces/project-alpha
project-alpha.token=project-alpha
project-beta.root=/home/traces/project-beta
project-beta.token=project-beta

Execution

To start the coroner client in daemon mode, simply run coroner daemon. To run in foreground mode, run coroner daemon -f