Monday, July 7, 2008

Regular expression in Bash

Regular expressions are handy way of quickly manipulating text data or searching any substring or character in it. Almost every language supports it. For example: perl,C,php,java,etc...

Here is some quick tips on regexp with bash.

This if statement is true if string in data variable starts with numeric values.
if [[ $data =~ ^[0-9] ]]; then

^ means start of the string
[0-9] is range from 0 to 9.
[a-z] from a to z but in lower case.
[A-Z] from A to Z but in capital. as you see it's case sensitive.

if string lasts with a digit
if [[ $data =~ [0-9]$ ]]; then

if string starts with a digit and it's not more than 3 digits
if [[ $data =~ ^[0-9]{1,3} ]]; then

{1,3} means 1 character or at most 3 characters of previous declaration

this one means that string starts with lower case letter and ends again with lower case letter
any other character or numeric value fails this if statement

if [[ $data =~ ^[a-z]+*$ ]]; then

$ means end of line
+ means one or more of the preceding element

here is search and replace statements

this one searches character "a" in data variable and changes its first match with "b| character

this one is exact with previous example with one difference, it searches for all "a" characters and replace all of them with "b" character, please notice double slash.

Sunday, July 6, 2008

Analyzing linux resources with Systemtap

Systemp lets you gather information about your running linux system. So you can diagnose performance and problems on your system(I/O activity, network, sockets,etc.). It provides a command line interface and a scripting language. There is also a gui interface called stapgui on Installing it on Ubuntu is straight forward

sudo apt-get install systemtap
sudo apt-get install linux-image-debug-generic
sudo ln -s /boot/vmlinux-debug-$(uname -r) /lib/modules/$(uname -r)/vmlinux

Systemtap uses kprobes to trace events. Kprobes are markers which are placed on predefined points in kernel. For example if you like to see which programs are run by your system you call syscall exec probe.
Here is a simple stap script which shows which programs are run by your system.

#!/usr/bin/env stap
probe syscall.exec* {
printf("exec %s %s\n", execname(), argstr)

As you can see, stap is similiar to C language.
The key point is to choose which probe point you would like to use.
It is also possible to probe only which process you want by pid or it's name.For example:
probe process("/bin/bash").syscall

Here is another example, suppose you have a disk I/O activity and want to know which processes are causing this.

#!/usr/bin/env stap

global reads, writes, total_io
probe kernel.function("vfs_read").return {
reads[execname()] = total_io[execname()] += $return
probe kernel.function("vfs_write").return {
writes[execname()] = total_io[execname()] += $return
probe timer.s(1) {
foreach(p in total_io- limit 10)
printf("%15s r: %8d KiB w: %8d KiB\n",p, reads[p]/1024,writes[p]/1024)

You can read further at systemtap site