windows.properties revision 1870:4aa2e64eff30 
1#
2# Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved.
3# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4#
5# This code is free software; you can redistribute it and/or modify it
6# under the terms of the GNU General Public License version 2 only, as
7# published by the Free Software Foundation.
8#
9# This code is distributed in the hope that it will be useful, but WITHOUT
10# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
11# FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
12# version 2 for more details (a copy is included in the LICENSE file that
13# accompanied this code).
14#
15# You should have received a copy of the GNU General Public License version
16# 2 along with this work; if not, write to the Free Software Foundation,
17# Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
18#
19# Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
20# or visit www.oracle.com if you need additional information or have any
21# questions.
22#
23
24config.execSuffix=.exe
25config.getChildren.app=bash
26config.getChildren.pattern=%p
27config.getChildren.args=-c\0wmic process where ParentProcessId=%p get ProcessId | tail -n+2
28config.getChildren.args.delimiter=\0
29################################################################################
30# process info to gather
31################################################################################
32onTimeout=\
33  native.info \
34  native.pmap.normal native.pmap.everything \
35  native.files native.locks \
36  native.stack native.core
37################################################################################
38native.pattern=%p
39native.javaOnly=false
40native.args=%p
41
42native.info.app=wmic
43native.info.args=process where processId=%p list full
44
45native.pmap.app=pmap
46native.pmap.normal.args=%p
47native.pmap.everything.args=-x %p
48
49native.files.app=handle
50native.files.args=-p %p
51# TODO
52native.locks.app=lslocks
53native.locks.args=-u --pid %p
54
55native.stack.app=cdb
56native.stack.args=-c "~*kP n;qd" -p %p
57native.stack.params.repeat=6
58
59native.core.app=cdb
60native.core.args=-c ".dump /f core.%p;qd" -p %p
61native.core.params.timeout=3600000
62################################################################################
63# environment info to gather
64################################################################################
65environment=\
66  users.current users.logged \
67  disk \
68  env \
69  system.events.system system.events.application system.os \
70  process.top process.ps process.tasklist \
71  memory.free memory.vmstat.default memory.vmstat.statistics \
72        memory.vmstat.slabinfo memory.vmstat.disk \
73  files \
74  net.sockets net.statistics
75################################################################################
76users.current.app=id
77users.current.args=-a
78users.logged.app=query
79users.logged.args=user
80
81disk.app=df
82disk.args=-h
83
84env.app=env
85
86system.events.app=powershell
87system.events.delimiter=\0
88system.events.system.args=-NoLogo\0-Command\0Get-EventLog System -After (Get-Date).AddDays(-1) | Format-List
89system.events.application.args=-NoLogo\0-Command\0Get-EventLog Application -After (Get-Date).AddDays(-1) | Format-List
90
91system.os.app=wmic
92system.os.args=os get /format:list
93
94process.top.app=top
95process.top.args=-b -n 1
96process.ps.app=ps
97process.ps.args=-efW
98process.tasklist.app=tasklist
99process.tasklist.args=/V
100
101memory.free.app=free
102memory.vmstat.app=vmstat
103memory.vmstat.statistics.args=-s
104memory.vmstat.slabinfo.args=-m
105memory.vmstat.disk.args=-d
106
107files.app=openfiles
108files.args=/query
109
110net.sockets.app=bash
111net.sockets.args=-c\0netstat -b -a -t -o || netstat -a -t -o
112net.sockets.args.delimiter=\0
113net.statistics.app=netstat
114net.statistics.args=-s -e
115################################################################################
116