macos, trace, dtrace

How to filter list of syscalls only to specific process name?


I've the following dtrace one-liner:

sudo dtrace -n 'syscall:::entry { @num[probefunc] = count(); }'

which prints the syscall count by program (after hitting Ctrl-C).

How do I add a filter to the above probe so that it only applies to a process by its name (e.g. php)? Similar to dtruss -n <name>.


Solution

  • Ok, this is fairly straightforward, since it can be checked in dtruss how the filtering is done:

    $ grep -C5 NAME $(which dtruss)
    syscall:::entry
    /(OPT_command && pid == $target) || 
     (OPT_pid && pid == PID) ||
     (OPT_name && NAME == strstr(NAME, execname)) ||
     (OPT_name && execname == strstr(execname, NAME)) ||
     (self->child)/
    {
      /* set start details */
    

    where NAME is the process name.

    So the one-liner command is (replace php with your process name):

    sudo dtrace -n '
      inline string NAME = "php";
      syscall:::entry
      /(NAME == strstr(NAME, execname)) || (execname == strstr(execname, NAME))/
    { @num[probefunc] = count(); }
    '
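
The predicate borrowed from dtruss matches by prefix in both directions, so it can trace more processes than the one named. The following is an added example, not part of the original answer or of dtruss: a Python model of that predicate next to an exact match, run over constructed process names. The function names and the sample list are assumptions made for illustration.

```python
# Model of the name predicate used in the one-liner above (added example).
# The process names below are constructed for illustration.

def d_strstr(haystack, needle):
    """D-style strstr(): tail of haystack from the first match, else None."""
    i = haystack.find(needle)
    return None if i < 0 else haystack[i:]


def prefix_predicate(name, execname):
    """(NAME == strstr(NAME, execname)) || (execname == strstr(execname, NAME))"""
    return name == d_strstr(name, execname) or execname == d_strstr(execname, name)


def exact_predicate(name, execname):
    """Stricter alternative; in D this is the predicate /execname == "php"/."""
    return execname == name


def over_matches(name, execnames):
    """Names the prefix predicate traces that an exact match would skip."""
    return [e for e in execnames
            if prefix_predicate(name, e) and not exact_predicate(name, e)]


# Constructed sample of process names.
SAMPLE_EXECNAMES = ["php", "php-fpm", "phpunit", "ph", "libphp", "httpd", "python3"]

if __name__ == "__main__":
    for e in SAMPLE_EXECNAMES:
        print(f"{e:10} prefix={prefix_predicate('php', e)!s:5} "
              f"exact={exact_predicate('php', e)}")
    print("extra processes traced:", over_matches("php", SAMPLE_EXECNAMES))
```

If the counts should cover only the process called php, the exact-match predicate keeps php-fpm, phpunit and any process whose name is a prefix of "php" out of the aggregation.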