# cat /proc/systemtap/zabbix/disk 
COMMAND         DEV       READS  WRITES READ_KB WRITE_KB
lxterminal      dm-0          8     460       0       7
mysqld          dm-0          4     373      64    8454
zabbix_server   dm-0          0     167       0      13
packagekitd     dm-0         90      10      58       4
sh              dm-0         88       0      87       0
vmtoolsd        dm-0         80       0      12       0
bash            dm-0         40       0       5       0
cat             dm-0         19       0       9       0
crond           dm-0         18       0      30       0
dbus-daemon-lau dm-0         16       0      12       0
firefox         dm-0          0      11       0       6
ls              dm-0          9       0       4       0
NetworkManager  dm-0          4       4       0       0
zabbix_agentd   dm-0          0       5       0       0
dbus-daemon     dm-0          4       0       0       0

#SystemTap script for Zabbix
#*NOTE* You, the end user of this script, are responsible for any risks #associated with using this script.
#Compile string:
# stap -m zabbix zabbix.stp
#Information can be found in /proc/systemtap/zabbix/*
#Current process statistics are found in network
#clear_on_read sets weather or not the statistics are reset when read
# the default is 0.
#The network file is limited to 4096 bytes in size

global ifxmit, ifrecv
global io_read, io_write
global merged
global clear_on_read

probe begin 
{
  clear_on_read=0
}

function get_exec()
{
  if (pid()==0)
    exec="LinuxKernel"
  else
    exec=execname()
  return exec
}

probe netdev.transmit
{
  ifxmit[dev_name, get_exec()] <<< length
}

probe netdev.receive
{
  ifrecv[dev_name, get_exec()] <<< length
}

probe vfs.read.return
{
  if (($return>0) && (devname!="N/A"))
    io_read[devname,get_exec()] <<< $return
}

probe vfs.write.return
{
  if (($return>0) && (devname!="N/A"))
    io_write[devname,get_exec()] <<< $return
}

probe procfs("clear_on_read").read
{
  $value=sprintf("%u",clear_on_read)
}

probe procfs("clear_on_read").write
{
  clear_on_read=strtol($value,2)
}

probe procfs("network").umask(0444).read.maxsize(4096)
{
  delete merged
  $value=sprintf("%-15s %-7s %7s %7s %7s %7s\n",
         "COMMAND", "DEV", "XMIT_PK", "RECV_PK",
         "XMIT_KB", "RECV_KB")

  foreach ([dev, exec] in ifrecv) {
      merged[dev, exec] += @count(ifrecv[dev,exec]);
  }
  foreach ([dev, exec] in ifxmit) {
      merged[dev, exec] += @count(ifxmit[dev,exec]);
  }
  foreach ([dev, exec] in merged-) {
    n_xmit = @count(ifxmit[dev, exec])
    n_recv = @count(ifrecv[dev, exec])
    $value.=sprintf("%-15s %-7s %7d %7d %7d %7d\n",
           exec, dev, n_xmit, n_recv,
           n_xmit ? @sum(ifxmit[dev, exec])/1024 : 0,
           n_recv ? @sum(ifrecv[dev, exec])/1024 : 0)
  }

  if (clear_on_read)
  {
    delete ifxmit
    delete ifrecv
  } 
  delete merged
}

probe procfs("disk").umask(0444).read.maxsize(4096)
{
  delete merged
  $value=sprintf("%-15s %-7s %7s %7s %7s %7s\n",
         "COMMAND", "DEV", "READS", "WRITES",
         "READ_KB", "WRITE_KB")

  foreach ([dev, exec] in io_read) {
          merged[dev, exec] += @count(io_read[dev,exec]);
  }
  foreach ([dev, exec] in io_write) {
          merged[dev, exec] += @count(io_write[dev,exec]);
  }
  foreach ([dev, exec] in merged-) {
    writes = @count(io_write[dev, exec])
    reads = @count(io_read[dev, exec])
    $value.=sprintf("%-15s %-7s %7d %7d %7d %7d\n",
           exec, dev, reads, writes,
           reads ? @sum(io_read[dev, exec])/1024 : 0,
           writes ? @sum(io_write[dev, exec])/1024 : 0)
  }

  if (clear_on_read)
  {
    delete ifxmit
    delete ifrecv
  } 
  delete merged
}

# staprun /path/to/zabbix.ko