Find the answer to your Linux question:
Results 1 to 5 of 5
Enjoy an ad free experience by logging in. Not a member yet? Register.
  1. #1

    Memory dump a live process

    Hi all
    As the name of board states, I am a newbie. I know little about linux and bash scripting but am trying to learn. I have been reading alot on line and trying things. What I am trying to do is perform a memory dump on a live process. I have come across several scripts that approach the task but I really don't know what to look for. I would like to figure out how to obtain the PID of the process when it starts and perform a memory dump. Can somebody guide me?
    Thanks a million

  2. #2
    Linux Engineer docbop's Avatar
    Join Date
    Nov 2009
    Woodshed, CA
    Getting a PID is simple open a terminal and type ps -aux will give a list of all the running processes. If you have the app name you can use pgrep appname to get just the PID of that application.

    If getting start a good website to know is nixCraft lots of excellent articles. Here's one on collection memory foresnics.

    Top 8 Tools For Linux / Unix Memory Forensics Analysis

  3. #3
    Thank you for the information. I will take a look.
    Thanks again

  4. $spacer_open
  5. #4
    Penguin of trust elija's Avatar
    Join Date
    Jul 2004
    Either at home or at work or down the pub
    A modern Linux will also have smaps. Once you have the process ID, run
    cat /proc/PROCESS ID HERE/smaps
    for more info than you can shake a stick at.
    "I used to be with it, then they changed what it was.
    Now what was it isn't it, and what is it is weird and scary to me.
    It'll happen to you too."

    Grandpa Simpson

    The Fifth Continent

  6. #5
    Thank you.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts