A script to collect snoop/tcpdump on Linux/Solaris servers in case of segmentation fault?
We faced a strange issue where a segmentation fault occurred randomly on a server and no logs were captured on the server to analyze the issue.
In this situation, we were stuck with no way forward.
Hence I created a script that captures a snoop trace on a Solaris host, or a tcpdump trace on a Linux host, to record the network behavior and spot abnormalities in how the particular process or application interacts with network elements.
Here is the script:
```bash
#!/bin/bash
before_attribute_data="/var/tmp/before_dump.txt"
after_attribute_data="/var/tmp/after_dump.txt"
LOGFILE="/var/tmp/dump_sub_logfile.txt"
ROOTMAIL="/var/mail/root"   ### solaris mail file
SNOOPEXISTS="/var/tmp/snooppid.txt"
SNOOPOUTPUT="/var/tmp/snoop_dump.pcap"
# PID(s) of any snoop process currently writing to $SNOOPOUTPUT
snooppid=$(ps -ef | grep -i "$SNOOPOUTPUT" | grep -v grep | awk '{print $2}')

###### Verify if fault occurred by checking command: ls -l /var/tmp/snooppid.txt; if file exists, share the below files.
###### Provide files /var/tmp/before_dump.txt, /var/tmp/after_dump.txt and the snoop file /var/tmp/snoop_dump.pcap for analysis.
if [ "$(grep -ci 'Segmentation Fault' "$ROOTMAIL")" -gt 0 ]; then
    if [ ! -f "$SNOOPEXISTS" ]; then
        ### do action if fault occurs like sendmail, etc
        echo $snooppid >> "$SNOOPEXISTS"
        if [ -n "$snooppid" ]; then
            kill -9 $snooppid
        fi
        ttIsql -connStr dsn=sdp_db -v 1 -e " select * from offer_attribute; exit;" > "$after_attribute_data"
    fi
else
    #### Here we will collect snoop if required, snoop is not collected yet.
    if [ ! -f "$SNOOPEXISTS" ]; then
        if [ -n "$snooppid" ]; then
            kill -9 $snooppid
        fi
        rm -rf "$SNOOPOUTPUT"
        snoop -o "$SNOOPOUTPUT" 2>> "$LOGFILE" &
        ttIsql -connStr dsn=sdp_db -v 1 -e " select * from offer_attribute; exit;" > "$before_attribute_data"
    fi
fi
```
Please let me know if you are able to successfully schedule the script on your servers as well…
Also, on Linux servers, we need to replace the snoop command with tcpdump.
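The Linux substitution mentioned above, as an added example that is not the author's script: it keeps the same scheduled capture/freeze logic but runs tcpdump, tracks the capture by PID file instead of `ps | grep`, and stops it with SIGTERM so the pcap is closed cleanly. The file names, the mailbox path and the `STATE_DIR`, `MAILFILE` and `CAPTURE_CMD` overrides are assumptions for illustration, and the database dump step is left out.

```shell
#!/bin/bash
# Added example (not the original script): Linux variant using tcpdump.
# All paths and the overridable variables below are assumptions.
STATE_DIR="${STATE_DIR:-/var/tmp}"
MAILFILE="${MAILFILE:-/var/mail/root}"     # assumed location of root's mailbox
PCAP="$STATE_DIR/tcpdump_dump.pcap"
PIDFILE="$STATE_DIR/tcpdump.pid"
MARKER="$STATE_DIR/fault_seen.txt"         # plays the role of snooppid.txt
# -i any: all interfaces (Linux), -U: write each packet out as it is saved, -w: pcap file
CAPTURE_CMD="${CAPTURE_CMD:-tcpdump -i any -U -w $PCAP}"

fault_seen() {        # true if the mailbox mentions a segmentation fault
    [ -r "$MAILFILE" ] && grep -qi 'segmentation fault' "$MAILFILE"
}

capture_running() {   # true if the PID we recorded is still alive
    [ -s "$PIDFILE" ] && kill -0 "$(cat "$PIDFILE")" 2>/dev/null
}

stop_capture() {      # default SIGTERM lets tcpdump close the pcap cleanly
    if capture_running; then
        kill "$(cat "$PIDFILE")"
    fi
    rm -f "$PIDFILE"
}

start_capture() {
    rm -f "$PCAP"
    $CAPTURE_CMD >/dev/null 2>>"$STATE_DIR/dump_sub_logfile.txt" &
    echo $! > "$PIDFILE"
}

run_once() {          # one scheduled pass; prints the action taken
    if [ -f "$MARKER" ]; then
        echo "frozen"             # evidence already preserved, touch nothing
    elif fault_seen; then
        stop_capture              # keep the pcap that covers the fault
        date > "$MARKER"
        echo "fault"
    else
        stop_capture              # restart the capture on every pass, as the original does
        start_capture
        echo "capturing"
    fi
}

if [ "${1:-}" = "run" ]; then run_once; fi
```

Schedule it with the argument `run`; once the marker file exists the script leaves the pcap untouched until the marker is removed.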