sysdig logdata incomplete, when I specify the log information and output format #1596
Labels
Comments
|
Same problem happens to me. Strange thing is i used to collect some information, but now even though i did not change sysdig script, the log is incomplete. |
|
This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
According to the manual, I define my output format, and use the sysdig command in this way:
sysdig -p "%evt.num %evt.time name=%proc.name pid=%proc.pid <exe %proc.exe /exe> cwd=%proc.cwd dir=%evt.dir syscall=%syscall.type <args %evt.args/args> fd=%fd.num fd_type=%fd.type fd_name=%fd.name" -w log01
But I find the log is incomplete, like I cannot find the clone, syscall events, as I expected.
And I can find more information, like the expected clone event, in the default way, like just typing sysdig.
sysdig version 0.26.4
Operating System: Ubuntu 18.04.4 LTS
The text was updated successfully, but these errors were encountered: