Find the answer to your Linux question:
Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Memory dump a live process

    Hi all
    As the name of board states, I am a newbie. I know little about linux and bash scripting but am trying to learn. I have been reading alot on line and trying things. What I am trying to do is perform a memory dump on a live process. I have come across several scripts that approach the task but I really don't know what to look for. I would like to figure out how to obtain the PID of the process when it starts and perform a memory dump. Can somebody guide me?
    Thanks a million

  2. #2
    Linux Engineer docbop's Avatar
    Join Date
    Nov 2009
    Woodshed, CA
    Getting a PID is simple open a terminal and type ps -aux will give a list of all the running processes. If you have the app name you can use pgrep appname to get just the PID of that application.

    If getting start a good website to know is nixCraft lots of excellent articles. Here's one on collection memory foresnics.

    Top 8 Tools For Linux / Unix Memory Forensics Analysis

  3. #3
    Thank you for the information. I will take a look.
    Thanks again

  4. $spacer_open
  5. #4
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Either at home or at work or down the pub
    A modern Linux will also have smaps. Once you have the process ID, run
    cat /proc/PROCESS ID HERE/smaps
    for more info than you can shake a stick at.
    Should you be sitting wondering,
    Which Batman is the best,
    There's only one true answer my friend,
    It's Adam Bloody West!

    The Fifth Continent

  6. #5
    Thank you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts