Procuring a Reporter memory dump for Linux

book

Article ID: 166785

calendar_today

Updated On:

Products

Reporter

Issue/Introduction

This should only be done at the request of Symantec support.

  1. Stop reporter.

    1. To do this you execute  a "./bcreporter stopin the etc/init.d  folder.
    2. To make sure it's stoped you execute a "./bcreporter status" in the same folder.
  2. Run reporter in a command window. 

    1. Open a command line window and navigate to the opt/bc/reporter folder, or your installed location.
    2. Execute the "ls -l " command to procure a directory listing. Along with other folders and files, you should see the bcreporter binary, a few journal_xxxx.tst file or two , and a isready.txt file.
    3. Run these commands
      1. ulimit -c unlimited
      2. ./bcreporter
    4. Reporter will now be running, and functional, and you should be seeing it log events to the same terminal window.
    5. If it crashes again, the dump file, called "core",  will be in this folder.  Please upload to this to your SR for analysis by the Symantec team.

 

Procuring a dump, when Reporter causes LINUX to go into a High Utilization state:

  1. Stop reporter.

    1. To do this you execute  a "./bcreporter stop"  in the etc/initi.d folder.
    2. To make sure it's stopped you execute a "./bcreporter status" in the same folder.
  2. Run reporter in a command window. 

    1. Open a command line window and navigate to the opt/bc/reporter folder.
    2. Execute the "ls -l " command to procure a directory listing. Along with other folders and files, you should see the bcreporter binary, a few files ending with the .out extension, and a isready.txt file.
    3. Run these commands
      1. ulimit -c unlimited
      2. ./bcreporter
    4. Reporter will now be running, and functional, and you should be seeing it log events to the same terminal window.
    5. If it goes into a high utilization situation again, you need to execute this command in another terminal window, to determine the PID number: 

                         –" ps –aux |grep reporter"   

                6: In the same terminal window, use the number found in the above command to execute this command which will kill the Reporter service, and create a core: 
                         –" kill -segv <PID NUMBER> "
 
General LINUX Notes on taking a core:
  • To setup your LINUX server to permantely provide Memory dumps for all applications, follow these  two steps.
    • 1: Add below 2 lines in "/etc/security/limits.conf"
    • *             hard    core            unlimited
      *             soft    core            unlimited
    • 2: comment out the below line in "/etc/profile" if it is not commented by symbol "#"
    • TIP: In other words, change
    • ulimit -S -c 0 > /dev/null 2>&1
    • to
    • #ulimit -S -c 0 > /dev/null 2>&1
  • The “/proc/sys/kernel/core_pattern” file contains a pattern for the name of the core dump file and defaults to the value “core”.
  • The “/proc/sys/kernel/core_uses_pid” file contains a flag designating whether or not to append a dot followed by the PID of the dumping process.
  • The core_pattern may contain certain % specifications that cause other elements to be included in the name of the core dump file.  
  • Here are the possible % specifications:

%% -- output one '%'

%p -- pid

%u -- uid

%g -- gid

%s -- signal number

%t -- UNIX time of dump

%h -- hostname

%e -- executable filename

 

NOTE1: If the core_pattern file does not include “%p” (the default does not) and the core_uses_pid file contains a non-zero value (something other than ‘0’), then a dot and PID will be appended to the name of the core dump file.

NOTE2: You must be root to configure these things. 

NOTE3: Here is an example to make the core file name to contain executable file name and time of the dump:

echo core.%e.%t > /proc/sys/kernel/core_pattern

NOTE4: More information about the -segv switch can we found here WIKI SITE 
 

NOTE5:Generic informatoin about taking a memory dump on LINUX, can be found here IBM INFO.

 
 
 
 
 

 

 

Resolution

ProxySG and WSS use the Symantec GIN services to categorize and classify URLs. It is possible that SEP and GIN do not use the same criteria for URL classification.