1 #
   2 # Copyright (c) 2015, 2020, Oracle and/or its affiliates. All rights reserved.
   3 # DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4 #
   5 # This code is free software; you can redistribute it and/or modify it
   6 # under the terms of the GNU General Public License version 2 only, as
   7 # published by the Free Software Foundation.
   8 #
   9 # This code is distributed in the hope that it will be useful, but WITHOUT
  10 # ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  11 # FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
  12 # version 2 for more details (a copy is included in the LICENSE file that
  13 # accompanied this code).
  14 #
  15 # You should have received a copy of the GNU General Public License version
  16 # 2 along with this work; if not, write to the Free Software Foundation,
  17 # Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
  18 #
  19 # Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
  20 # or visit www.oracle.com if you need additional information or have any
  21 # questions.
  22 #
  23 
  24 config.execSuffix=.exe
     # Child-process discovery: bash runs the pipeline given after -c. wmic prints
     # the ProcessId column for every process whose ParentProcessId is %p, and
     # `tail -n+2` drops the first (column header) line of that output.
     # \0 is declared as the argument delimiter below so that the whole pipeline,
     # which contains spaces, is passed to bash as a single -c argument.
     # NOTE(review): %p is presumably replaced with the target process id before
     # the command is launched, so it ends up inside a shell command string; this
     # is only safe while the substituted value is strictly numeric. Confirm
     # against the code that expands the pattern.
  25 config.getChildren.app=bash
  26 config.getChildren.pattern=%p
  27 config.getChildren.args=-c\0wmic process where ParentProcessId=%p get ProcessId | tail -n+2
  28 config.getChildren.args.delimiter=\0
  29 ################################################################################
  30 # process info to gather
  31 ################################################################################
  32 onTimeout=\
  33   native.info \
  34   native.pmap.normal native.pmap.everything \
  35   native.files native.locks \
  36   native.stack native.core
  37 ################################################################################
  38 native.pattern=%p
  39 native.javaOnly=false
  40 native.args=%p
  41 
  42 native.info.app=wmic
  43 native.info.args=process where processId=%p list full
  44 
  45 native.pmap.app=pmap
  46 native.pmap.normal.args=%p
  47 native.pmap.everything.args=-x %p
  48 
  49 native.files.app=handle
  50 native.files.args=-p %p
  51 # TODO (original author's marker; what remains to be done is not stated here)
     # NOTE(review): lslocks comes from util-linux, while the neighbouring native.*
     # entries use Windows tools (wmic, handle, cdb). Confirm that lslocks exists
     # on the hosts where this configuration is used; if it does not, this action
     # presumably just fails and contributes nothing to the report.
  52 native.locks.app=lslocks
  53 native.locks.args=-u --pid %p
  54 
  55 native.stack.app=cdb
  56 native.stack.args=-c "~*kP n;qd" -p %p
  57 native.stack.params.repeat=6
  58 
  59 native.core.app=cdb
     # Attaches cdb to process %p (-p), runs `.dump /f core.%p` to write a full
     # memory dump to a file named core.<pid>, then `qd` (quit and detach) so the
     # debugger leaves the target process.
     # The dump file name is relative, so it is presumably created in the working
     # directory of the cdb process; confirm where that is.
     # Security note: a full dump holds the complete memory of the process,
     # including any keys, passwords or tokens it had loaded. Store the file with
     # restricted access and do not attach it to public reports unreviewed.
  60 native.core.args=-c ".dump /f core.%p;qd" -p %p
     # presumably milliseconds (3600000 ms = 1 hour); confirm the unit
  61 native.core.params.timeout=3600000
  62 ################################################################################
  63 # environment info to gather
     #
     # Each name listed in `environment` refers to the <name>.app / <name>.args
     # entries defined further down in this file. Names with no entry of their
     # own (for example memory.vmstat.default) presumably fall back to the parent
     # prefix's .app with no arguments; confirm against the handler code.
     #
     # Security note: several of these actions record sensitive host data.
     #   env              prints every environment variable, which is where CI
     #                    systems commonly place tokens and passwords
     #   screenshot       captures the desktop of the default screen
     #   system.events.*  exports the last day of the Windows System and
     #                    Application event logs
     #   users.*, files, net.*  list users, open files, sockets and network
     #                    configuration
     # Treat the collected output as sensitive: restrict access to the stored
     # results and scrub them before sharing outside the team.
  64 ################################################################################
  65 environment=\
  66   users.current users.logged \
  67   disk \
  68   env \
  69   system.events.system system.events.application system.os \
  70   process.top process.ps process.tasklist \
  71   memory.free memory.vmstat.default memory.vmstat.statistics \
  72         memory.vmstat.slabinfo memory.vmstat.disk \
  73   files \
  74   net.sockets net.statistics net.ipconfig \
  75   screenshot
  76 ################################################################################
  77 users.current.app=id
  78 users.current.args=-a
  79 users.logged.app=query
  80 users.logged.args=user
  81 
  82 disk.app=df
  83 disk.args=-h
  84 
  85 env.app=env
  86 
  87 system.events.app=powershell
  88 system.events.delimiter=\0
  89 system.events.system.args=-NoLogo\0-Command\0Get-EventLog System -After (Get-Date).AddDays(-1) | Format-List
  90 system.events.application.args=-NoLogo\0-Command\0Get-EventLog Application -After (Get-Date).AddDays(-1) | Format-List
  91 
  92 system.os.app=wmic
  93 system.os.args=os get /format:list
  94 
  95 process.top.app=top
  96 process.top.args=-b -n 1
  97 process.ps.app=ps
  98 process.ps.args=-efW
  99 process.tasklist.app=tasklist
 100 process.tasklist.args=/V
 101 
 102 memory.free.app=free
 103 memory.vmstat.app=vmstat
 104 memory.vmstat.statistics.args=-s
 105 memory.vmstat.slabinfo.args=-m
 106 memory.vmstat.disk.args=-d
 107 
 108 files.app=openfiles
 109 files.args=/query
 110 
 111 net.sockets.app=bash
     # Runs netstat through bash so that `||` can provide a fallback: the first
     # form adds -b (show the executable that owns each connection); if that
     # command fails, the same listing is produced without -b.
     # NOTE(review): -b normally requires an elevated prompt on Windows, which is
     # presumably why the fallback exists; without elevation the report will not
     # show which executable owns each socket.
     # \0 is the argument delimiter so the whole command line is one -c argument.
 112 net.sockets.args=-c\0netstat -b -a -t -o || netstat -a -t -o
 113 net.sockets.args.delimiter=\0
 114 net.statistics.app=netstat
 115 net.statistics.args=-s -e
 116 net.ipconfig.app=ipconfig
 117 net.ipconfig.args=/all
 118 
 119 # var robot = new java.awt.Robot();
 120 # var ge = java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment();
 121 # var bounds = ge.getDefaultScreenDevice().getDefaultConfiguration().getBounds();
 122 # var file = new java.io.File("screen.png");
 123 # javax.imageio.ImageIO.write(robot.createScreenCapture(bounds), "png", file);
     #
     # The lines above are the readable form of the one-liner piped into jshell
     # below: capture the bounds of the default screen device and write the image
     # as PNG to the relative path screen.png.
     # NOTE(review): the doubled quotes (""png"", ""screen.png"") presumably
     # collapse to single double quotes when the Windows command line is parsed;
     # confirm, since jshell would otherwise receive an invalid snippet.
     # Security note: the image contains whatever is visible on the desktop at
     # that moment, so handle screen.png like the other collected artifacts.
 124 screenshot.app=bash
 125 screenshot.args=-c\0echo 'javax.imageio.ImageIO.write(new java.awt.Robot().createScreenCapture(java.awt.GraphicsEnvironment.getLocalGraphicsEnvironment().getDefaultScreenDevice().getDefaultConfiguration().getBounds()), ""png"", new File(""screen.png""));' | jshell -
 126 screenshot.args.delimiter=\0
 127 ################################################################################