Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basic ringbuf event statistics #198

Merged
merged 2 commits into from
Jul 3, 2024
Merged

Basic ringbuf event statistics #198

merged 2 commits into from
Jul 3, 2024

Conversation

haesbaert
Copy link
Contributor

This adds a new structure ebpf_event_stats where we accumulate stats, right now it only counts lost events vs non-lost events, but we can grow this in the future, like adding per type events if it's interesting enough.

The print in EventsTrace is quite primitive as I believe this will only be used for debugging there, so heh.

Choosing a name for ebpf_ringbuf_write was a bit tricky, I wanted to keep the same parameters but it had to be "different enough" that we could spot it with a naked eye.

While here, adjust the enum of ebpf events to not skip that precious first bit.

@haesbaert
Basic ringbuf event statistics
c8cfe75 
This adds a new structure `ebpf_event_stats` where we accumulate stats, right
now it only counts lost events vs non-lost events, but we can grow this in the
future, like adding per type events if it's interesting enough.

The print in EventsTrace is quite primitive as I believe this will only be used
for debugging there, so heh.

Choosing a name for `ebpf_ringbuf_write` was a bit tricky, I wanted to keep the
same parameters but it had to be "different enough" that we could spot it with a
naked eye.

While here, adjust the enum of ebpf events to not skip that precious first bit.
@haesbaert
The formatter makes this look like crap, so add needless braces
2550cdd
@haesbaert haesbaert requested a review from a team as a code owner July 2, 2024 07:53
haesbaert added a commit to elastic/quark that referenced this pull request Jul 2, 2024
@haesbaert
Add ebpf lost event counter. Issue #38
5fd023d 
This commit includes the pending PR: elastic/ebpf#198
Once that is merged I'll rebase this, so ignore the elastic-ebpf/* bits.

Pretty straighforward, contrary to kprobes which we get the counter on the data
path, with ebpf we have to actually read it, so add a new ops for updating the
counter, we should caution users to not hammer the reading, as it's real
syscall.

Tested by hacking quark-mon away.
@haesbaert haesbaert mentioned this pull request Jul 2, 2024
Merged
@haesbaert haesbaert merged commit 97581e4 into main Jul 3, 2024
24 of 26 checks passed
@haesbaert haesbaert deleted the stats branch July 3, 2024 07:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mjwolf mjwolf mjwolf approved these changes

@nicholasberlin nicholasberlin nicholasberlin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@haesbaert @mjwolf @nicholasberlin