quick start
Mehrdad Arshad Rad edited this page Feb 6, 2021
- Make sure you already have libbcc installed; if not, please check here.
- Download the tcpdog agent from here.
- Run tcpdog. If your host doesn't have any active TCP connections, try a simple curl like the one below from another terminal while tcpdog is running.
curl -s https://www.google.com > /dev/null
The tcpdog output on your terminal will look like this:
2021-02-05T22:23:22.010-0800 info tcpdog {"version": "v0.1.0", "type": "client"}
2021-02-05T22:23:26.270-0800 info console {"msg": "console has been started"}
2021-02-05T22:23:26.271-0800 info ebpf {"msg": "sock:inet_sock_set_state has been attached"}
"RTT":3013,"TotalRetrans":0,"SAddr":"10.0.2.15","DAddr":"142.250.68.4","DPort":443,"Timestamp":1612592607
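The console output above mixes timestamped log lines with one record per closed connection, so it can be post-processed for a quick look at where a host is connecting. The following is an added example, not part of tcpdog or the original page: it assumes one JSON record per line (with or without the surrounding braces), uses a hypothetical expected-port set of 80 and 443, and every sample record after the first is constructed.

```python
import json
from collections import defaultdict

# Sample console output. The first four lines are copied from the page;
# the remaining three records are constructed for illustration.
SAMPLE = '''\
2021-02-05T22:23:22.010-0800 info tcpdog {"version": "v0.1.0", "type": "client"}
2021-02-05T22:23:26.270-0800 info console {"msg": "console has been started"}
2021-02-05T22:23:26.271-0800 info ebpf {"msg": "sock:inet_sock_set_state has been attached"}
"RTT":3013,"TotalRetrans":0,"SAddr":"10.0.2.15","DAddr":"142.250.68.4","DPort":443,"Timestamp":1612592607
{"RTT":51200,"TotalRetrans":4,"SAddr":"10.0.2.15","DAddr":"203.0.113.7","DPort":443,"Timestamp":1612592611}
{"RTT":890,"TotalRetrans":0,"SAddr":"10.0.2.15","DAddr":"198.51.100.9","DPort":4444,"Timestamp":1612592615}
{"RTT":2950,"TotalRetrans":0,"SAddr":"10.0.2.15","DAddr":"142.250.68.4","DPort":443,"Timestamp":1612592620}
'''

def parse_record(line):
    """Return a dict for a connection record, or None for log/status lines."""
    line = line.strip()
    if not line.startswith(('{', '"')):
        return None                  # timestamped log line or blank line
    if not line.startswith('{'):
        line = '{' + line + '}'      # record printed without braces
    try:
        rec = json.loads(line)
    except json.JSONDecodeError:
        return None                  # truncated or otherwise malformed line
    return rec if isinstance(rec, dict) and 'DAddr' in rec else None

def summarize(text, expected_ports=(80, 443)):
    """Aggregate records per destination and list the ones worth a look."""
    stats = defaultdict(lambda: {'conns': 0, 'retrans': 0, 'max_rtt': 0})
    for line in text.splitlines():
        rec = parse_record(line)
        if rec is None:
            continue
        s = stats[(rec['DAddr'], rec.get('DPort'))]
        s['conns'] += 1
        s['retrans'] += rec.get('TotalRetrans', 0)
        s['max_rtt'] = max(s['max_rtt'], rec.get('RTT', 0))
    # Flag destinations on an unexpected port or with any retransmissions.
    flagged = sorted(k for k, s in stats.items()
                     if k[1] not in expected_ports or s['retrans'] > 0)
    return dict(stats), flagged

if __name__ == '__main__':
    stats, flagged = summarize(SAMPLE)
    for dest in flagged:
        print(dest, stats[dest])
```

The field names match the default `--fields` set shown in the usage text; if you select other fields, adjust the keys read in `summarize`.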
You can change the TCP fields and other parameters through the command line.
usage: tcpdog options
options:
--ipv4, -4 enable IPv4 address (default: true if ipv6 is false)
--ipv6, -6 enable IPv6 address (default: false)
--tracepoint value, --tp value tracepoint name (default: "sock:inet_sock_set_state")
--fields value, -f value tcp fields (default: "rtt,totalretrans,saddr,daddr,dport")
--state value, -s value tcp state (default: "TCP_CLOSE")
--config value, -c value path to a file in yaml format to read configuration
--sample value, -a value sample rate (default: 0)
--workers value, -w value number of workers (default: 1)
--help, -h show help (default: false)