How to monitor number of syscalls executed by kernel?

Question

I need to monitor amount of system calls executed by Linux. I'm aware that vmstat has ability to show this for BSD and AIX systems, but for Linux it can't (according to man page).

Is there any counter in /proc? Or is there any other way to monitor it?

Answer 1

I wrote a simple SystemTap script(based on syscalls_by_pid.stp). It produces output like this:

ProcessName          #SysCalls

munin-graph          38609 
munin-cron           8160  
fping                4502  
check_http_demo      2584  
check_nrpe           2045  
sh                   1836  
nagios               886   
sendmail             747   
smokeping            649   
check_http           571   
check_nt             376   
pcscd                216   
ping                 108   
check_ping           100   
crond                87    
stapio               69    
init                 56    
syslog-ng            27    
sshd                 17    
ntpd                 9     
hp-asrd              8     
hald-addon-stor      7     
automount            6     
httpd                4     
stap                 3     
flow-capture         2     
gam_server           2     

Total                61686

The script itself:

#! /usr/bin/env stap

#
# Print the system call count by process name in descending order.
#

global syscalls

probe begin {
  print ("Collecting data... Type Ctrl-C to exit and display results\n")
}

probe syscall.* {
  syscalls[execname()]++
}

probe end {
  printf ("%-20s %-s\n\n", "ProcessName", "#SysCalls")
  summary = 0
  foreach (procname in syscalls-) {
    printf("%-20s %-10d\n", procname, syscalls[procname])
    summary = summary + syscalls[procname]
  }
  printf ("\n%-20s %-d\n", "Total", summary)
}