Kernel Systemcall Tracer for Linux

What is kstrax? | The features of kstrax | Screen shots | Link

The development of this program is partly supported by IPA (Information-Technology Promotion Agency, Japan).

What is kstrax?

kstrax(Kernel Systemcall Tracer for Linux) is the tool which records systemcall information in the kernel space. kstrax also analyzes and displays the information in the user space. It can trace all systemcalls executed on the system without any change of the kernel source code. kstrax supports IA-32 and IA-64 architecture.

kstrax programs

kstrax consists of the following two parts; Systemcall information and statistics information can be displayed by the analyzer.

Compile/Execution environment

The followings are required to compile, and to execute kstrax. kstrax can work on the following environment.

The features of kstrax

Getting systemcall information

kstrax has following three trace modes;

Analyzing trace log

Kstrax can display the normal systemcall information, raw mode information, statistics information. The following points are different.

Screen shots

Example of tracing all systemcall on the system. Example of tracing all systemcall invoked by specific process Example of tracing specific kind of systemcall (related to file) Example of graph mode.


All Right Reserved, Copyright (C) 2006, Hitachi, Ltd.
This website is hosted by