
Kernel Tracing Qmax on Solaris – Part 2 - boltonpa
http://blog.m0noc.com/2016/08/kernel-tracing-qmax-on-solaris-part-2.html
======
brendangregg
I've DTrace'd qmax before -- pretty useful, back in the day of Solaris.

Linux is finally getting these superpowers too with BPF:
[https://github.com/iovisor/bcc#tools](https://github.com/iovisor/bcc#tools) ,
which is great news for all of us running Linux.

~~~
otoburb
'brendangregg - Do you believe that DTrace will maintain status as the
penultimate bees knees in dynamic tracing for the foreseeable future, or will
Linux's BPF and other tracing tools quickly overtake DTrace?

------
sd0a
S10u9 in 2016? That seems pretty odd, I'm guessing you are avoiding Oracle
releases of S10, but also Illumos. Why?

~~~
boltonpa
I wouldn't say I'm avoiding Oracle/newer releases; I do use them along with
e.g. Solaris 2.6, Linux 2.x, 4.x, etc.

For many pen-testers and sys-admins we still need to understand, abuse, and
support legacy tech in addition to the latest tech. Only a few days ago it was
reported that the UK's Met police still have 27,000 PCs running Windows XP.

It isn't just about using the tools, but understanding and fixing problems
encountered when running them; in this case using Illumos source as a guide
with a number of other techniques to get the tool to work on the closed source
version of Solaris.

In any case, I think there is a "hacker"/technical curiosity in playing with
this stuff and understanding how it works, so it's fair game.

