Infrastructure Layer

Process Killer Attack

The Process Killer Gremlin kills targeted processes over a supplied interval throughout the length of the attack.

When targeting processes with the --process argument, you can pass a regular expression, which matches processes in the same way that pgrep(1) does, or you can pass a specific PID. When passing a regular expression, Gremlin will only match on the process name (arg0) unless --full is also supplied.

Linux

The Process Killer Gremlin sends the signal supplied by --signal (defaults to KILL) to processes identified by the rest of the supplied arguments.

This Gremlin requires the KILL capability, which is enabled for Gremlin by default at installation time. See capabilities(7)

Options

Parameter	Flag	Required	Default	Version	Description
Signal	-s string	False	`KILL`	1.8.0	The signal to send to target processes. Values: [`HUP`,`INT`,`QUIT`,`ILL`,`TRAP`,`ABRT`,`FPE`,`KILL`,`SEGV`,`PIPE`,`ALRM`,`TERM`,`USR1`,`USR2`]
Interval	-i int	False	`1`	1.8.0	The number of seconds to delay before kills.
Process	-p reg ex or int	True		1.8.0	The process name to match (allows regex) or the process ID.
Group	-g string	False		1.8.0	The group name or ID to match against (name matches only).
User	-u string	False		1.8.0	The user name or ID to match against (name matches only).
Newest	-n	False	`False`	1.8.0	If set the newest matching process will be killed (name matches only, cannot be used with -o).
Oldest	-o	False	`False`	1.8.0	If set the oldest matching process will be killed (name matches only, cannot be used with -n).
Exact	-e	False	`False`	1.8.0	If set the match must be exact and not just a substring match (name matches only).
Kill Children	-c	False	`False`	1.8.0	If set the processes children will also be killed.
Full Match	-f	False	`False`	1.8.0	If set the processes name match will occur against the full command line string that the process was launched with.
Length	-l int	False	`60`	1.8.0	The length of the attack (seconds).