Sysdig - System Exploration & Troubleshooting Tool

sysdig - an open source system-level exploration and troubleshooting tool. Sysdig captures system calls and other system level events using a linux kernel facility called tracepoints, which means much less overhead than strace.

It then "packetizes" this information, so that you can save it into trace files and filter it, a bit like you would do with tcpdump. This makes it very flexible to explore what processes are doing.
Sysdig is also packed with a set of scripts that make it easier to extract useful information and do troubleshooting.

Traditionally, system-level monitoring and troubleshooting still largely involve logging into the machine with SSH and using a plethora of dated tools with very inconsistent interfaces. And since most tools don’t offer any kind of history, you’re left struggling to reproduce the problem. Or even worse, just staring at the screen hoping that it happens again. Sysdig wants to improve your life, by introducing some key concepts:

  • ·         offering unified, coherent, and granular visibility into the storage, processing, network, and memory subsystems
  • ·         making it possible to create trace files for system activity, similarly to what you can do for networks with tools like tcpdump and Wireshark, so that the problem can be analyzed at a later time, without losing important information
  • ·         including rich system state in the trace files, so that the captured activity can be put in context and understood
  • ·         offering a filtering language to dig into the information in a natural and interactive way
  • ·         including a rich library of Lua scripts to solve common problems, which we call chisels (to carve up the data you unearthed... get it?). Think about sysdig as strace + tcpdump + lsof + steroids.

How does it work?

Sysdig instruments your physical and virtual machines at the OS level by installing into the Linux kernel and capturing system calls and other OS events. Then, using sysdig's command line interface, you can filter and decode these events in order to extract useful information. Sysdig can be used to inspect systems live in real-time, or to generate trace files that can be analyzed at a later stage.

Automatic Installation

To install sysdig automatically in one step, simply run the following command. This is the recommended installation method.

Warning: The installation script will only install the sysdig package from the Draios APT/YUM repository after verifying all the requirements. For step-by-step manual installation, see the guide below. To install sysdig from the source code, see the instructions here.

curl -s | sudo bash

Sysdig - System Exploration & Troubleshooting Tool Reviewed by Ethical Hacking on 12:00 PM Rating: 5

No comments:

Feel free to ask questions, we love to respond.

All Rights Reserved by The World of IT & Cyber Security: © 2019 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form


Email *

Message *

Powered by Blogger.