t
 Copyright (c) 2004, 2013, Oracle and/or its affiliates. All rights reserved.
 DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.

 This code is free software; you can redistribute it and/or modify it
 under the terms of the GNU General Public License version 2 only, as
 published by the Free Software Foundation.

 This code is distributed in the hope that it will be useful, but WITHOUT
 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License
 version 2 for more details (a copy is included in the LICENSE file that
 accompanied this code).

 You should have received a copy of the GNU General Public License version
 2 along with this work; if not, write to the Free Software Foundation,
 Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.

 Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
 or visit www.oracle.com if you need additional information or have any
 questions.

 Arch: generic
 Software: JDK 8
 Date: 21 November 2013
 SectDesc: Monitoring Tools
 Title: jstatd.1

 jstatd 1 "21 November 2013" "JDK 8" "Monitoring Tools"
 -----------------------------------------------------------------
 * Define some portability stuff
 -----------------------------------------------------------------
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 http://bugs.debian.org/507673
 http://lists.gnu.org/archive/html/groff/2009-02/msg00013.html
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 -----------------------------------------------------------------
 * set default formatting
 -----------------------------------------------------------------
 disable hyphenation
 disable justification (adjust text to left margin only)
 -----------------------------------------------------------------
 * MAIN CONTENT STARTS HERE *
 -----------------------------------------------------------------


 NAME 
jstatd - Monitors Java Virtual Machines (JVMs) and enables remote monitoring tools to attach to JVMs. This command is experimental and unsupported.

 SYNOPSIS 
 

jstatd [ options ]

 

 
options
The command-line options. See Options.

 DESCRIPTION 
The \f3jstatd command is an RMI server application that monitors for the creation and termination of instrumented Java HotSpot VMs and provides an interface to enable remote monitoring tools to attach to JVMs that are running on the local host.


The \f3jstatd server requires an RMI registry on the local host. The \f3jstatd server attempts to attach to the RMI registry on the default port, or on the port you specify with the \f3-p\f3port option. If an RMI registry is not found, then one is created within the \f3jstatd application that is bound to the port that is indicated by the \f3-p\f3port option or to the default RMI registry port when the \f3-p\f3port option is omitted. You can stop the creation of an internal RMI registry by specifying the \f3-nr option.

 OPTIONS 

-nr


Does not attempt to create an internal RMI registry within the \f3jstatd process when an existing RMI registry is not found.


-p port


The port number where the RMI registry is expected to be found, or when not found, created if the \f3-nr option is not specified.


-n rminame


Name to which the remote RMI object is bound in the RMI registry. The default name is \f3JStatRemoteHost. If multiple \f3jstatd servers are started on the same host, then the name of the exported RMI object for each server can be made unique by specifying this option. However, doing so requires that the unique server name be included in the monitoring client's \f3hostid and \f3vmid strings.


-Joption


Passes \f3option to the JVM, where option is one of the \f3options described on the reference page for the Java application launcher. For example, \f3-J-Xms48m sets the startup memory to 48 MB. See java(1).

 SECURITY 
The \f3jstatd server can only monitor JVMs for which it has the appropriate native access permissions. Therefore, the \f3jstatd process must be running with the same user credentials as the target JVMs. Some user credentials, such as the root user in UNIX-based systems, have permission to access the instrumentation exported by any JVM on the system. A \f3jstatd process running with such credentials can monitor any JVM on the system, but introduces additional security concerns.


The \f3jstatd server does not provide any authentication of remote clients. Therefore, running a \f3jstatd server process exposes the instrumentation export by all JVMs for which the \f3jstatd process has access permissions to any user on the network. This exposure might be undesirable in your environment, and therefore, local security policies should be considered before you start the \f3jstatd process, particularly in production environments or on networks that are not secure.


The \f3jstatd server installs an instance of \f3RMISecurityPolicy when no other security manager is installed, and therefore, requires a security policy file to be specified. The policy file must conform to Default Policy Implementation and Policy File Syntax at http://docs.oracle.com/javase/8/docs/technotes/guides/security/PolicyFiles.html


The following policy file allows the \f3jstatd server to run without any security exceptions. This policy is less liberal than granting all permissions to all code bases, but is more liberal than a policy that grants the minimal permissions to run the \f3jstatd server.

 
\f3grant codebase "file:${java.home}/../lib/tools.jar" { 

 

 
\f3 permission java.security.AllPermission;

 

 
\f3};

 

 
\f3

 
To use this policy setting, copy the text into a file called \f3jstatd.all.policy and run the \f3jstatd server as follows:

 
\f3jstatd -J-Djava.security.policy=jstatd.all.policy

 

 
\f3

 
For sites with more restrictive security practices, it is possible to use a custom policy file to limit access to specific trusted hosts or networks, though such techniques are subject to IP address spoofing attacks. If your security concerns cannot be addressed with a customized policy file, then the safest action is to not run the \f3jstatd server and use the \f3jstat and \f3jps tools locally.

 REMOTE INTERFACE 
The interface exported by the \f3jstatd process is proprietary and guaranteed to change. Users and developers are discouraged from writing to this interface.

 EXAMPLES 
The following are examples of the \f3jstatd command. The \f3jstatd scripts automatically start the server in the background

 INTERNAL RMI REGISTRY 
This example shows hos to start a \f3jstatd session with an internal RMI registry. This example assumes that no other server is bound to the default RMI registry port (port 1099).

 
\f3jstatd -J-Djava.security.policy=all.policy

 

 
\f3

 

 EXTERNAL RMI REGISTRY 
This example starts a \f3jstatd session with a external RMI registry.

 
\f3rmiregistry&

 

 
\f3jstatd -J-Djava.security.policy=all.policy

 

 
\f3

 
This example starts a \f3jstatd session with an external RMI registry server on port 2020.

 
\f3jrmiregistry 2020&

 

 
\f3jstatd -J-Djava.security.policy=all.policy -p 2020

 

 
\f3

 
This example starts a \f3jstatd session with an external RMI registry on port 2020 that is bound to \f3AlternateJstatdServerName.

 
\f3rmiregistry 2020&

 

 
\f3jstatd -J-Djava.security.policy=all.policy -p 2020

 

 
\f3 -n AlternateJstatdServerName

 

 
\f3

 

 STOP THE CREATION OF AN IN-PROCESS RMI REGISTRY 
This example starts a \f3jstatd session that does not create an RMI registry when one is not found. This example assumes an RMI registry is already running. If an RMI registry is not running, then an error message is displayed.

 
\f3jstatd -J-Djava.security.policy=all.policy -nr

 

 
\f3

 

 ENABLE RMI LOGGING 
This example starts a \f3jstatd session with RMI logging capabilities enabled. This technique is useful as a troubleshooting aid or for monitoring server activities.

 
\f3jstatd -J-Djava.security.policy=all.policy

 

 
\f3 -J-Djava.rmi.server.logCalls=true

 

 
\f3

 

 SEE ALSO 
 0.2i 
java(1)

 0.2i 
jps(1)

 0.2i 
jstat(1)

 0.2i 
rmiregistry(1)




'pl 8.5i
'bp