Pricing

Show HN: Xcapture-BPF – X-Ray Vision for Linux Systems

BY Mark Howell 4 July 20244 MINS READ
article cover

Today in Edworking News, we want to talk about 0x.tools X-Ray vision for Linux systems.
By Tanel Poder, 0x.tools
0x.tools (GitHub) is a set of open-source utilities for analyzing application performance on Linux. It aims for deployment simplicity and minimal dependencies to reduce friction in systematic troubleshooting. There's no need to upgrade the OS, install kernel modules, heavy monitoring frameworks, Java agents, or databases. 0x.tools allow you to measure individual thread-level activity, like thread-executed code, sleep states, system calls, and kernel wait locations by tracking (not tracing) and then sampling the right events at the right time.

xcapture-bpf & xtop 2.0.2 beta

TL;DR

The latest eBPF update brings exciting new features. This includes xcapture-bpf (and xtop), tools similar to the Linux top tool but extended with x-ray vision. They allow you to view performance data from any angle that eBPF allows instrumenting. You can get a system-level overview and then drill down into individual threads' activity and even specific kernel events like lock waits or memory stalls. The customization and programmability of eBPF are fully utilized, though currently only 5% of its capabilities have been implemented, with more to come.
Image:

_Description: The terminal text search/highlighting and stacktiles formatting method work seamlessly together, allowing you to fit more relevant information on the screen._

xcapture-bpf Installation

xcapture-bpf is still in beta and should not be used on busy production systems yet. As it uses eBPF (and currently BCC with python3 as a reporting frontend), it's best tested on RHEL 8.1 (or a clone) or Ubuntu 24.04. Compatibility issues exist with Ubuntu 22.04 and 20.04's BCC and kernels. For installation, if you try out other distros/platforms, feedback on the results is encouraged.
For RHEL8, prerequisites can be installed using:
```bash
sudo yum install bcc-tools python3
git clone https://github.com/tanelpoder/0x.tools.git
cd 0x.tools/xcapture-bpf

Included Tools

0x.tools come with two classes of utilities:

  • xcapture: Written in C for efficiency purposes and includes a single C source file and a single header file for system call name translation.

  • All other tools are Python or shell scripts.

Usage & Example Output

  • Sample Linux thread activity and display fixed-width output on the screen.

  • Sample threads in all states (including Sleeping) and write output into hourly CSV files.

  • Query the thread activity history for performance analysis directly from your command line or by loading the CSV into any database.
    Example:
    ```sh
    cat 2020-10-??.0[89].csv | grep -i "error" | sort -u

Installation & Usage

  • xcapture, schedlat, and psn sample the /proc filesystem just like standard tools such as ps, top, and lsof. Since the /proc filesystem is a Linux kernel presenting useful metrics to userspace as user-readable files, no additional configuration or fancy installations are required.

FAQs

How is 0x.tools licensed?
0x.tools is an open-source, GPL v3-licensed product.
Measurement overhead?
Minimal, well under 1% of your server's CPU capacity.
Is it safe for production?
Yes, 0x.tools are designed to be safely used in production environments.
---

Remember these 3 key ideas for your startup:

  1. Simplified Deployment:
    0x.tools require no OS upgrades or heavy monitoring frameworks, making it convenient to implement without upsetting your existing infrastructure. This reduces friction considerably, especially vital for startups that cannot afford lengthy downtimes or complex installations.

  2. Versatile Performance Monitoring:
    The tools offer extensive features like tracking individual thread activities and kernel events without substantial deployment difficulties. This diagnostic flexibility allows SMEs to identify performance bottlenecks easily and ensure smooth operations.

  3. Low Overhead and Minimal Resources:
    The tools are designed to run with very low overhead, allowing even small companies to leverage advanced performance analysis without hampering their resources. This is especially crucial when the budget is tight and efficiency is critical.
    Edworking is the best and smartest decision for SMEs and startups to be more productive. Edworking is a FREE superapp of productivity that includes all you need for work powered by AI in the same superapp, connecting Task Management, Docs, Chat, Videocall, and File Management. Save money today by not paying for Slack, Trello, Dropbox, Zoom, and Notion.
    For more details, see the original source.

article cover
About the Author: Mark Howell Linkedin

Mark Howell is a talented content writer for Edworking's blog, consistently producing high-quality articles on a daily basis. As a Sales Representative, he brings a unique perspective to his writing, providing valuable insights and actionable advice for readers in the education industry. With a keen eye for detail and a passion for sharing knowledge, Mark is an indispensable member of the Edworking team. His expertise in task management ensures that he is always on top of his assignments and meets strict deadlines. Furthermore, Mark's skills in project management enable him to collaborate effectively with colleagues, contributing to the team's overall success and growth. As a reliable and diligent professional, Mark Howell continues to elevate Edworking's blog and brand with his well-researched and engaging content.

Trendy NewsSee All Articles
CoverEdit PDFs Securely & Freely: Breeze PDF In-Browser SolutionBreeze PDF is a free, offline browser-based PDF editor ensuring privacy. It offers text, image, and signature additions, form fields, merging, page deletion, and password protection without uploads.
BY Mark Howell 13 days ago
CoverDecoding R1: The Future of AI Reasoning ModelsR1 is an affordable, open-source AI model emphasizing reasoning, enabling innovation and efficiency, while influencing AI advancements and geopolitical dynamics.
BY Mark Howell 26 January 2025
CoverSteam Brick: A Minimalist Gaming Console Redefines PortabilitySteam Brick: A modified, screenless Steam Deck for travel, focusing on portability by using external displays and inputs. A creative yet impractical DIY project with potential risks.
BY Mark Howell 26 January 2025
CoverVisual Prompt Injections: Essential Guide for StartupsThe Beginner's Guide to Visual Prompt Injections explores vulnerabilities in AI models like GPT-4V, highlighting security risks for startups and offering strategies to mitigate potential data compromises.
BY Mark Howell 13 November 2024
CoverGraph-Based AI: Pioneering Future Innovation PathwaysGraph-based AI, developed by MIT's Markus J. Buehler, bridges unrelated fields, revealing shared complexity patterns, accelerating innovation by uncovering novel ideas and designs, fostering unprecedented growth opportunities.
BY Mark Howell 13 November 2024
CoverRevolutionary Image Protection: Watermark Anything with Localized MessagesWatermark Anything enables embedding multiple localized watermarks in images, balancing imperceptibility and robustness. It uses Python, PyTorch, and CUDA, with COCO dataset, under CC-BY-NC license.
BY Mark Howell 13 November 2024
CoverJungle Music's Role in Shaping 90s Video Game SoundtracksJungle music in the 90s revolutionized video game soundtracks, enhancing fast-paced gameplay on PlayStation and Nintendo 64, and fostering a cultural revolution through its energetic beats and immersive experiences.
BY Mark Howell 13 November 2024
CoverMastering Probability-Generating Functions: A Guide for EntrepreneursProbability-generating functions (pgfs) are mathematical tools used in probability theory for data analysis, risk management, and predictive modeling, crucial for startups and SMEs in strategic decision-making.
BY Mark Howell 31 October 2024
Try EdworkingA new way to work from  anywhere, for everyone for Free!
Sign up Now