Sysdig raw out displayed and piped to a txt file but sysdig does not output anything

[Tawfiq Shah]

Hi guys,

I am trying out sysdig  and i wanted to extract its output to a txt with each data separated by commas. My goal is to feed this to a sql db; below is the cmd I use.

The cmd does not yield any errors  but does not output anything to the screen and when i tried to pipe the output to the file its empty. Am i doing something wrong?
  
sudo sysdig -p "%evt.num, %evt.datetime, %evt.latency, %evt.deltatime, %evt.dir, %evt.type, %evt.cpu, %evt.info, %evt.is_io, %evt.io_dir, %evt.is_wait, %evt.is_syslog, %evt.is_io_read, %evt.is_io_write, %user.uid, %user.name, %user.homedir, %user.shell, %group.gid, %group.name, %syslog.severity, %syslog.message, %fd.num, %fd.type, %fd.name, %fd.directory, %fd.filename, %fd.ip, %fd.cip, %fd.sip, %fd.cport, %fd.sport, %fd.l4proto, %fd.sockfamily, %fd.is_server, %proc.pid, %proc.exe, %proc.name, %proc.cmdline, %proc.cwd, %proc.nchilds, %proc.ppid, %proc.pname, %proc.aname, %proc.loginshellid, %proc.duration, %proc.fdopencount, %proc.vmsize, %proc.vmrss, %proc.vmswap, %thread.pfmajor, %thread.pfminor, %thread.tid, %thread.ismain, %thread.exectime, %thread.totexectime" > sysdig_raw_data.txt

If anyone can give me some advice would be great.

Thanks

[Loris Degioanni]

Try to put a '*' at the beginning of the string:

sudo sysdig -p "*%evt.num, %evt.datetime, ..."

See the "Output Formatting" section here https://github.com/draios/sysdig/wiki/Sysdig%20User%20Guide for more information.

Loris

--
www.sysdig.org
https://github.com/draios/sysdig
www.draios.com
---
You received this message because you are subscribed to the Google Groups "sysdig" group.
To unsubscribe from this group and stop receiving emails from it, send an email to sysdig+un...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Tawfiq Shah]

Hi Loris,

Thank you so much for the quick response. Yes that fixed my issue.