# # Copyright (c) 2015, Oracle and/or its affiliates. All rights reserved. # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. # # This code is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License version 2 only, as # published by the Free Software Foundation. # # This code is distributed in the hope that it will be useful, but WITHOUT # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or # FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License # version 2 for more details (a copy is included in the LICENSE file that # accompanied this code). # # You should have received a copy of the GNU General Public License version # 2 along with this work; if not, write to the Free Software Foundation, # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA. # # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA # or visit www.oracle.com if you need additional information or have any # questions. # config.execSuffix=.exe config.getChildren.app=bash config.getChildren.pattern=%p config.getChildren.args=-c\0wmic process where ParentProcessId=%p get ProcessId | tail -n+2 config.getChildren.args.delimiter=\0 ################################################################################ # process info to gather ################################################################################ onTimeout=\ native.info \ native.pmap.normal native.pmap.everything \ native.files native.locks \ native.stack native.core ################################################################################ native.pattern=%p native.javaOnly=false native.args=%p native.info.app=wmic native.info.args=process where processId=%p list full native.pmap.app=pmap native.pmap.normal.args=%p native.pmap.everything.args=-x %p native.files.app=handle native.files.args=-p %p # TODO native.locks.app=lslocks native.locks.args=-u --pid %p native.stack.app=cdb native.stack.args=-c "~*kP n;qd" -p %p native.stack.params.repeat=6 native.core.app=cdb native.core.args=-c ".dump /f core.%p;qd" -p %p native.core.params.timeout=3600000 ################################################################################ # environment info to gather ################################################################################ environment=\ users.current users.logged \ disk \ env \ system.events.system system.events.application system.os \ process.top process.ps process.tasklist \ memory.free memory.vmstat.default memory.vmstat.statistics \ memory.vmstat.slabinfo memory.vmstat.disk \ files \ net.sockets net.statistics ################################################################################ users.current.app=id users.current.args=-a users.logged.app=query users.logged.args=user disk.app=df disk.args=-h env.app=env system.events.app=powershell system.events.delimiter=\0 system.events.system.args=-NoLogo\0-Command\0Get-EventLog System -After (Get-Date).AddDays(-1) | Format-List system.events.application.args=-NoLogo\0-Command\0Get-EventLog Application -After (Get-Date).AddDays(-1) | Format-List system.os.app=wmic system.os.args=os get /format:list process.top.app=top process.top.args=-b -n 1 process.ps.app=ps process.ps.args=-efW process.tasklist.app=tasklist process.tasklist.args=/V memory.free.app=free memory.vmstat.app=vmstat memory.vmstat.statistics.args=-s memory.vmstat.slabinfo.args=-m memory.vmstat.disk.args=-d files.app=openfiles files.args=/query net.sockets.app=bash net.sockets.args=-c\0netstat -b -a -t -o || netstat -a -t -o net.sockets.args.delimiter=\0 net.statistics.app=netstat net.statistics.args=-s -e ################################################################################