Home
CatStrace is a content-aware tracer implemented in Python that executes the Strace command to trace an application’s execution. It uses the strace tool to capture the applications request and parses the collected information into socket (connect, accept, send, receive) and disk (open, read, write) events and saves them to a file (CatLog).
- Collection and parsing of applications requests
- Summarization of the requests' content for storage space savings purposes
CatStrace architecture has two main components: the collector and the handler. The collector module runs the Strace command and collects the system calls issued by the target system. The handler module parses the Strace output and generates a CaTlog file with the resultant events.
CatStrace has the option to summarize the contents of the system call buffers and save only its signatures. This summarization process is done at the SigComp submodule after the system call is parsed into an Event by the Parser submodule.
CatStrace can be used for parsing strace output. In this case, the strace command is run separately, and once finished, its output is passed to CatStrace. Alternatively, it can be used to run Strace and parse its output at runtime (live mode).