Tuesday, October 18, 2016

A script to monitor APD and take tcpdump

Recently, I hit an NFS APD issue, so I needed a pcap dump from the time of the issue.
But in a production environment, where the NFS storage carries heavy traffic, it is very hard to capture just the traffic you want.

I wrote a script to do that. Here is the idea:

  1. Run the command "tcpdump-uw" to capture the traffic.
  2. Monitor vobd.log for the pattern "apd.start". If the script sees "apd.start", it waits for 10 seconds and then stops tcpdump.

Here is the script:

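#!/bin/sh
# $1 is the interface to capture on
NFS_IP=172.21.86.1              # set customer NFS server IP
PCAP_PATH="/vmfs/volumes/local" # set path for pcap file

# Capture full packets to/from the NFS server into a ring of 10 files
# (-C is given in millions of bytes, so 100 is about 100 MB per file)
tcpdump-uw -i "$1" -s 0 -C 100 -W 10 -w "$PCAP_PATH/mycap.pcap" host "$NFS_IP" &

# Follow vobd.log; on the first "apd.start" line wait 10 seconds, then stop the capture
tail -fn1 /var/run/log/vobd.log | \
while read -r line ; do
    if echo "$line" | grep "apd.start"
    then
        sleep 10
        kill $(lsof | grep tcpdump-uw | awk '{print $1}' | sort -u)
        pkill tail
        exit 44
    fi
done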
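
Once the capture has stopped, the APD timestamps in vobd.log show which part of the pcap ring to open. The following is an added example, not part of the original script: it lists the APD start/timeout/exit transitions per identifier, assuming the vobd.log line layout of the constructed sample lines; `sample_vobd_log`, `apd_events` and `first_apd_start` are hypothetical names.

```shell
#!/bin/sh
# Added example (not from the original post): summarise APD events in vobd.log.
# Assumed line layout: "<timestamp>: [<correlator>] <n>us: [<event id>] ... identifier [<id>] ..."

# Constructed sample lines, not taken from a real host.
sample_vobd_log() {
    cat <<'EOF'
2016-10-18T02:11:07.204Z: [APDCorrelator] 1742265001us: [vob.storage.apd.start] Device or filesystem with identifier [sample-nfs-ds] has entered the All Paths Down state.
2016-10-18T02:11:07.205Z: [APDCorrelator] 1742266130us: [esx.problem.storage.apd.start] Device or filesystem with identifier [sample-nfs-ds] has entered the All Paths Down state.
2016-10-18T02:11:30.880Z: [netCorrelator] 1765941022us: [vob.net.vmnic.linkstate.up] vmnic1 linkstate up
2016-10-18T02:13:27.311Z: [APDCorrelator] 1882371900us: [vob.storage.apd.timeout] Device or filesystem with identifier [sample-nfs-ds] has entered the All Paths Down Timeout state.
2016-10-18T02:14:02.010Z: [APDCorrelator] 1917070555us: [vob.storage.apd.exit] Device or filesystem with identifier [sample-nfs-ds] has exited the All Paths Down state.
2016-10-18T02:14:02.011Z: [APDCorrelator] 1917071002us: [esx.clear.storage.apd.exit] Device or filesystem with identifier [sample-nfs-ds] has exited the All Paths Down state.
EOF
}

# Print "<timestamp> <event> <identifier>" for each APD state change.
# Reads the files given as arguments, or stdin when there are none.
apd_events() {
    awk '
        /apd\.(start|exit|timeout)\]/ {
            ts = $1; sub(/:$/, "", ts)                  # drop the colon after the timestamp
            ev = $0; sub(/^.*apd\./, "", ev); sub(/\].*$/, "", ev)
            id = "-"
            p = index($0, "identifier [")
            if (p > 0) {
                rest = substr($0, p + 12)               # text after "identifier ["
                q = index(rest, "]")
                if (q > 1) id = substr(rest, 1, q - 1)
            }
            # The same event is logged under more than one event id;
            # report it only when the state of this identifier changes.
            if (last[id] != ev) { last[id] = ev; print ts, ev, id }
        }' "$@"
}

# Timestamp of the first APD start: the capture stops about 10 seconds after it,
# so the packets of interest sit at the end of the newest file in the ring.
first_apd_start() {
    apd_events "$@" | awk '$2 == "start" { print $1; exit }'
}

sample_vobd_log | apd_events
```

On a host, pass the log file instead of the sample, for example `apd_events /var/run/log/vobd.log`.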
