Sysdig is an open-source, cross-platform system exploration, diagnosis and troubleshooting tool for Linux. Sysdig is written in the Lua programming language. Sysdig also has a simple, intuitive, powerful and fully customizable curses UI (user interface) called Csysdig. System state and activity from a running Linux instance are captured, saved, filtered and analyzed. It combines the functionality of the major Linux troubleshooting commands (htop, iftop, lsof, strace, iostat, ps, netstat, tcpdump, etc.) in one application, so it can be used for any troubleshooting activity without turning to each of those commands individually.
- Filtering of output is supported
- Fast, stable and easy to use
- Enables advanced log analysis
- Offers Linux server attack analysis (forensics) features for ethical hackers
Installing Sysdig in Linux
On Debian/Ubuntu you can install sysdig with apt or apt-get using the following command:
sudo apt-get -y install sysdig
How to use Sysdig?
Sysdig needs access to critical areas such as the /proc file system and the /dev/sysdig* devices, and it must auto-load the sysdig-probe kernel module, so it has to be run as the root user or as a superuser (sudo).
Running the sysdig command without any argument instantly floods the screen with output that is hard to make sense of, which is why it is piped through more to view it page by page:
sudo sysdig | more
Still confused by the output? Then use the following command to get more useful output:
Sysdig Chisels and Filters
The sysdig command supports filters that narrow its output. Let us discuss them.
Chisels: a list of the available chisels, grouped by category, can be shown using the following command:
sudo sysdig -cl
To find out more information about a particular chisel, use the -i flag:
sudo sysdig -i [chisel name]
List the available field classes, fields, and their descriptions using the following command:
sudo sysdig -l
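As an added example (not code from the original article or from the sysdig project), here is a small Python parser for sysdig's default output line layout (evt.num, evt.time, evt.cpu, proc.name, thread.tid, evt.dir, evt.type, evt.args) that flags open/openat exit events which open a file under a sensitive path for writing. The sample lines, the flag values in them and the list of sensitive prefixes are constructed assumptions, not real capture data.

```python
import re

# Default sysdig line layout (see the constructed sample below):
#   evt.num evt.time evt.cpu proc.name (thread.tid) evt.dir evt.type evt.args
LINE_RE = re.compile(
    r"^(?P<num>\d+)\s+(?P<time>\S+)\s+(?P<cpu>\d+)\s+(?P<proc>\S+)\s+\((?P<tid>\d+)\)\s+"
    r"(?P<dir>[<>])\s+(?P<type>\w+)(?:\s+(?P<args>.*))?$"
)
# evt.args is a run of key=value tokens, e.g. name=/etc/passwd flags=1(O_RDONLY)
ARG_RE = re.compile(r"(\w+)=(\S+)")

SENSITIVE_PREFIXES = ("/etc/", "/root/.ssh/")  # assumption: paths worth alerting on

def parse_line(line):
    """Split one sysdig output line into its fields; None if it is not an event line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    evt = m.groupdict()
    evt["num"], evt["cpu"], evt["tid"] = int(evt["num"]), int(evt["cpu"]), int(evt["tid"])
    evt["args"] = dict(ARG_RE.findall(evt["args"] or ""))
    return evt

def is_sensitive_write(evt):
    """True for the exit (<) of open/openat on a sensitive path with a write-capable flag."""
    if evt is None or evt["dir"] != "<" or evt["type"] not in ("open", "openat"):
        return False
    name = evt["args"].get("name", "")
    flags = evt["args"].get("flags", "")
    return name.startswith(SENSITIVE_PREFIXES) and ("O_WRONLY" in flags or "O_RDWR" in flags)

def find_sensitive_writes(text):
    """Return (proc.name, thread.tid, path) for every matching event in a text dump."""
    hits = []
    for line in text.splitlines():
        evt = parse_line(line)
        if is_sensitive_write(evt):
            hits.append((evt["proc"], evt["tid"], evt["args"]["name"]))
    return hits

# Constructed sample in the default sysdig output format (not a real capture).
SAMPLE = """\
1010 10:21:33.123456789 1 cat (4101) < open fd=3(<f>/etc/passwd) name=/etc/passwd flags=1(O_RDONLY) mode=0
1011 10:21:33.223456789 0 bash (4102) > openat
1012 10:21:33.223556789 0 bash (4102) < openat fd=4(<f>/etc/sudoers) dirfd=-100(AT_FDCWD) name=/etc/sudoers flags=22(O_TRUNC|O_CREAT|O_WRONLY) mode=0644
1013 10:21:34.001234567 1 vim (4103) < open fd=5(<f>/home/alice/notes.txt) name=/home/alice/notes.txt flags=3(O_RDWR) mode=0
1014 10:21:35.555555555 0 sshd (4104) < open fd=6(<f>/root/.ssh/authorized_keys) name=/root/.ssh/authorized_keys flags=22(O_TRUNC|O_CREAT|O_WRONLY) mode=0600
1015 10:21:36.000000001 1 java (4105) > read fd=7(<f>/proc/4105/stat) size=1024
"""

if __name__ == "__main__":
    for proc, tid, path in find_sensitive_writes(SAMPLE):
        print(f"{proc} ({tid}) opened {path} for writing")
```

In practice the text would come from a saved trace (written with sysdig -w and replayed with sysdig -r) rather than from the embedded sample.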
Linux Processes Monitoring
List system processes by typing the following command:
sudo sysdig -c ps
Network Connections and I/O Monitoring
View system network connections by typing the following command:
sudo sysdig -c netstat
System File I/O Monitoring
Show the data read and written by processes by typing the following command:
sudo sysdig -c echo_fds
For more information, read the manual pages by typing the following commands:
man sysdig
man csysdig