{"id":13867,"date":"2019-04-06T12:28:54","date_gmt":"2019-04-06T12:28:54","guid":{"rendered":"http:\/\/www.appservgrid.com\/paw92\/?p=13867"},"modified":"2019-04-06T12:28:54","modified_gmt":"2019-04-06T12:28:54","slug":"sysdig-a-powerful-system-monitoring-and-troubleshooting-tool-for-linux","status":"publish","type":"post","link":"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/04\/06\/sysdig-a-powerful-system-monitoring-and-troubleshooting-tool-for-linux\/","title":{"rendered":"Sysdig \u2013 A Powerful System Monitoring and Troubleshooting Tool for Linux"},"content":{"rendered":"<p><strong>Sysdig<\/strong>\u00a0is an open-source, cross-platform, powerful and flexible system monitoring and troubleshooting tool for Linux; it also works on Windows and Mac OSX, with limited functionality, and can be used for system analysis, inspection and debugging.<\/p>\n<p>Normally, you would employ a mix of various\u00a0<a href=\"https:\/\/www.tecmint.com\/command-line-tools-to-monitor-linux-performance\/\" target=\"_blank\" rel=\"noopener\">Linux performance monitoring and troubleshooting tools<\/a>, including the ones listed below, to perform Linux monitoring and debugging tasks:<\/p>\n<ol>\n<li>strace \u2013 trace the system calls and signals of a process.<\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/12-tcpdump-commands-a-network-sniffer-tool\/\" target=\"_blank\" rel=\"noopener\">tcpdump<\/a>\u00a0\u2013 raw network traffic monitoring.<\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/20-netstat-commands-for-linux-network-management\/\" target=\"_blank\" rel=\"noopener\">netstat<\/a>\u00a0\u2013 network connections monitoring.<\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/install-htop-linux-process-monitoring-for-rhel-centos-fedora\/\" target=\"_blank\" rel=\"noopener\">htop<\/a>\u00a0\u2013 real time process monitoring.<\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/install-iftop-bandwidth-monitoring-tool-in-rhel-centos-fedora\/\" target=\"_blank\" 
rel=\"noopener\">iftop<\/a>\u00a0\u2013 real time network bandwidth monitoring.<\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/10-lsof-command-examples-in-linux\/\" target=\"_blank\" rel=\"noopener\">lsof<\/a>\u00a0\u2013 view which files are opened by which process.<\/li>\n<\/ol>\n<p>However,\u00a0<strong>sysdig<\/strong>\u00a0integrates what all the above tools, and many more, offer into a single and simple program, along with amazing container support. It enables you to capture, save, filter and examine the real behavior (stream of events) of Linux systems as well as containers.<\/p>\n<p>It comes with a command line interface and a powerful interactive UI (<strong>csysdig<\/strong>) which allow you to watch system activity in real time, or perform a trace dump and save it for later analysis. You can watch how csysdig works in the video below.<\/p>\n<p align=\"center\"><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/UJ4wVrbP-Q8?rel=0\" width=\"720\" height=\"400\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\" data-mce-fragment=\"1\"><\/iframe><\/p>\n<h4>Sysdig Features:<\/h4>\n<ul>\n<li>It is fast, stable, easy to use and comprehensively documented.<\/li>\n<li>Comes with native support for container technologies, including Docker and LXC.<\/li>\n<li>It is scriptable in Lua; offers chisels (lightweight Lua scripts) for processing captured system events.<\/li>\n<li>Supports useful filtering of output.<\/li>\n<li>Supports system and application tracing.<\/li>\n<li>It can be integrated with Ansible, Puppet and Logstash.<\/li>\n<li>Enables sample advanced log analysis.<\/li>\n<li>It also offers Linux server attack (forensics) analysis features for ethical hackers and lots more.<\/li>\n<\/ul>\n<p>In this article, we will show how to install sysdig on a Linux system, and use it with basic examples of system analysis, monitoring and troubleshooting.<\/p>\n<h3>How To Install Sysdig in 
Linux<\/h3>\n<p>Installing the\u00a0<strong>sysdig<\/strong>\u00a0package is as easy as running the command below, which will check all the requirements; if everything is in place, it will download and install the package from the Draios APT\/YUM repository. Note that this pipes a remotely hosted script directly into a root shell, so you may prefer to download and review it before running it.<\/p>\n<pre># curl -s https:\/\/s3.amazonaws.com\/download.draios.com\/stable\/install-sysdig | bash \r\nOR\r\n$ curl -s https:\/\/s3.amazonaws.com\/download.draios.com\/stable\/install-sysdig | sudo bash\r\n<\/pre>\n<p>After installing it, you need to run\u00a0<strong>sysdig<\/strong>\u00a0as root because it requires access to critical areas such as the\u00a0<strong>\/proc<\/strong>\u00a0file system and the\u00a0<strong>\/dev\/sysdig*<\/strong>\u00a0devices, and needs to auto-load the sysdig-probe kernel module (if it is not already loaded); otherwise use the\u00a0<a href=\"https:\/\/www.tecmint.com\/run-sudo-command-without-password-linux\/\" target=\"_blank\" rel=\"noopener\">sudo command<\/a>.<\/p>\n<p>The most basic example is running it without any arguments; this lets you view your Linux system's stream of events, updated in real time:<\/p>\n<pre>$ sudo sysdig\r\n<\/pre>\n<div id=\"attachment_26962\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Watch-Linux-System-Events.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26962\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Watch-Linux-System-Events.png\" sizes=\"auto, (max-width: 812px) 100vw, 812px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Watch-Linux-System-Events.png 812w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Watch-Linux-System-Events-768x505.png 768w\" alt=\"Watch Linux System Events\" width=\"812\" height=\"534\" aria-describedby=\"caption-attachment-26962\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26962\" class=\"wp-caption-text\">Watch Linux System Events<\/p>\n<\/div>\n<p>The above output 
(raw data) may not make a lot of sense to you; for more useful output, run\u00a0<strong>csysdig<\/strong>:<\/p>\n<pre>$ sudo csysdig \r\n<\/pre>\n<div id=\"attachment_26963\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-System-Events.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26963\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-System-Events.png\" sizes=\"auto, (max-width: 888px) 100vw, 888px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-System-Events.png 888w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-System-Events-768x396.png 768w\" alt=\"Monitor Linux System Events\" width=\"888\" height=\"458\" aria-describedby=\"caption-attachment-26963\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26963\" class=\"wp-caption-text\">Monitor Linux System Events<\/p>\n<\/div>\n<p><strong>Note<\/strong>: To get the real feel of this tool, you need to use\u00a0<strong>sysdig<\/strong>, which produces raw data from a running Linux system as we saw before; this calls for you to understand how to use filters and chisels.<\/p>\n<p>But if you need a painless means of using\u00a0<strong>sysdig<\/strong>\u00a0\u2013 continue with\u00a0<strong>csysdig<\/strong>.<\/p>\n<h3>Understanding Sysdig Chisels and Filters<\/h3>\n<p><strong>Sysdig chisels<\/strong>\u00a0are minimal Lua scripts that examine the sysdig event stream to carry out useful system troubleshooting actions and more. 
The command below will help you view all available chisels:<\/p>\n<pre>$ sudo sysdig -cl\r\n<\/pre>\n<p>The screenshot shows a sample list of chisels under different categories.<\/p>\n<div id=\"attachment_26966\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Chisels.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26966\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Chisels.png\" alt=\"View Sysdig Chisels\" width=\"712\" height=\"439\" aria-describedby=\"caption-attachment-26966\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26966\" class=\"wp-caption-text\">View Sysdig Chisels<\/p>\n<\/div>\n<p>If you want to find out more information about a particular chisel, use the\u00a0<code>-i<\/code>\u00a0flag:<\/p>\n<pre>$ sudo sysdig -i topprocs_cpu\r\n<\/pre>\n<div id=\"attachment_26968\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Chisel-Info.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26968\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Chisel-Info.png\" alt=\"View Sysdig Chisel Info\" width=\"712\" height=\"268\" aria-describedby=\"caption-attachment-26968\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26968\" class=\"wp-caption-text\">View Sysdig Chisel Info<\/p>\n<\/div>\n<p>Sysdig filters add more power to the kind of output you can obtain from event streams; they allow you to customize the output. 
You should specify them at the end of a command line.<\/p>\n<p>The simplest and most common filter is a basic \u201c<strong>class.field=value<\/strong>\u201d check; you can also combine chisels with filters for even more powerful customizations.<\/p>\n<p>To view a list of available field classes, fields and their descriptions, type:<\/p>\n<pre>$ sudo sysdig -l\r\n<\/pre>\n<div id=\"attachment_26969\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Field-Classes.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26969\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Field-Classes.png\" sizes=\"auto, (max-width: 802px) 100vw, 802px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Field-Classes.png 802w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/View-Sysdig-Field-Classes-768x439.png 768w\" alt=\"View Sysdig Field Classes\" width=\"802\" height=\"458\" aria-describedby=\"caption-attachment-26969\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26969\" class=\"wp-caption-text\">View Sysdig Field Classes<\/p>\n<\/div>\n<h4>Creating Linux System Trace File<\/h4>\n<p>To dump sysdig output to a file for later analysis, use the\u00a0<code>-w<\/code>\u00a0flag followed by the output file name.<\/p>\n<p>You can read the trace dump file using the\u00a0<strong>-r<\/strong>\u00a0flag:<\/p>\n<pre>$ sudo sysdig -r trace.scap\r\n<\/pre>\n<p>The\u00a0<code>-s<\/code>\u00a0option specifies the number of bytes of data to capture for each system event. 
In this example, we are filtering events for the\u00a0<strong>mongod<\/strong>\u00a0process.<\/p>\n<pre>$ sudo sysdig -s 3000 -w trace.scap\r\n$ sudo sysdig -r trace.scap proc.name=mongod\r\n<\/pre>\n<div id=\"attachment_26970\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Create-MongoDB-Trace-File.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26970\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Create-MongoDB-Trace-File.png\" sizes=\"auto, (max-width: 818px) 100vw, 818px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Create-MongoDB-Trace-File.png 818w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Create-MongoDB-Trace-File-768x430.png 768w\" alt=\"Create MongoDB Trace File\" width=\"818\" height=\"458\" aria-describedby=\"caption-attachment-26970\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26970\" class=\"wp-caption-text\">Create MongoDB Trace File<\/p>\n<\/div>\n<h4>Monitoring Linux Processes<\/h4>\n<p>To list system processes, type:<\/p>\n<pre>$ sudo sysdig -c ps\r\n<\/pre>\n<div id=\"attachment_26973\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-Processes.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26973\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-Processes.png\" sizes=\"auto, (max-width: 882px) 100vw, 882px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-Processes.png 882w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Linux-Processes-768x366.png 768w\" alt=\"Monitor Linux Processes\" width=\"882\" height=\"420\" aria-describedby=\"caption-attachment-26973\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26973\" class=\"wp-caption-text\">Monitor Linux 
Processes<\/p>\n<\/div>\n<h4>Monitor Processes by CPU Usage<\/h4>\n<p>To watch top processes by CPU usage percentage, run this command:<\/p>\n<pre>$ sudo sysdig -c topprocs_cpu\r\n<\/pre>\n<div id=\"attachment_26974\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Processes-by-CPU-Usage.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26974\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Processes-by-CPU-Usage.png\" sizes=\"auto, (max-width: 802px) 100vw, 802px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Processes-by-CPU-Usage.png 802w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Processes-by-CPU-Usage-768x238.png 768w\" alt=\"Monitor Processes by CPU Usage\" width=\"802\" height=\"249\" aria-describedby=\"caption-attachment-26974\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26974\" class=\"wp-caption-text\">Monitor Processes by CPU Usage<\/p>\n<\/div>\n<h4>Monitoring Network Connections and I\/O<\/h4>\n<p>To view system network connections, run:<\/p>\n<pre>$ sudo sysdig -c netstat\r\n<\/pre>\n<div id=\"attachment_26975\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Network-Connections.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26975\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Network-Connections.png\" sizes=\"auto, (max-width: 922px) 100vw, 922px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Network-Connections.png 922w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-Network-Connections-768x255.png 768w\" alt=\"Monitor Network Connections\" width=\"922\" height=\"306\" aria-describedby=\"caption-attachment-26975\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26975\" 
class=\"wp-caption-text\">Monitor Network Connections<\/p>\n<\/div>\n<p>The following command will help you list top network connections by total bytes:<\/p>\n<pre>$ sudo sysdig -c topconns\r\n<\/pre>\n<p>Next, you can also list top processes by network I\/O as follows:<\/p>\n<pre>$ sudo sysdig -c topprocs_net    \r\n<\/pre>\n<h4>Monitoring System File I\/O<\/h4>\n<p>You can output the data read and written by processes on the system as below:<\/p>\n<pre>$ sudo sysdig -c echo_fds\r\n<\/pre>\n<div id=\"attachment_26976\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-System-IO.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26976\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-System-IO.png\" sizes=\"auto, (max-width: 798px) 100vw, 798px\" srcset=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-System-IO.png 798w, https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-System-IO-768x313.png 768w\" alt=\"Monitor System IO\" width=\"798\" height=\"325\" aria-describedby=\"caption-attachment-26976\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26976\" class=\"wp-caption-text\">Monitor System IO<\/p>\n<\/div>\n<p>To list top processes by (read + write) disk bytes, use:<\/p>\n<pre>$ sudo sysdig -c topprocs_file   \r\n<\/pre>\n<h4>Troubleshooting a Linux System Performance<\/h4>\n<p>To keep an eye on system bottlenecks (slow system calls), execute this command:<\/p>\n<pre>$ sudo sysdig -c bottlenecks\r\n<\/pre>\n<div id=\"attachment_26977\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Troubleshoot-Linux-Performance.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26977\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Troubleshoot-Linux-Performance.png\" alt=\"Troubleshoot Linux Performance\" 
width=\"692\" height=\"268\" aria-describedby=\"caption-attachment-26977\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26977\" class=\"wp-caption-text\">Troubleshoot Linux Performance<\/p>\n<\/div>\n<h4>Track Execution Time of a Process<\/h4>\n<p>To track the execution time of a process, you can run this command and dump the trace to a file:<\/p>\n<pre>$ sudo sysdig -w extime.scap -c proc_exec_time \r\n<\/pre>\n<div id=\"attachment_26978\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Track-Process-Execution-Time.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26978\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Track-Process-Execution-Time.png\" alt=\"Track Process Execution Time\" width=\"692\" height=\"287\" aria-describedby=\"caption-attachment-26978\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26978\" class=\"wp-caption-text\">Track Process Execution Time<\/p>\n<\/div>\n<p>Then use a filter to zero in on the details of a particular process (<strong>postgres<\/strong>\u00a0in this example) as follows:<\/p>\n<pre>$ sudo sysdig -r extime.scap proc.name=postgres\r\n<\/pre>\n<h4>Discover Slow Network I\/O<\/h4>\n<p>This simple command will help you detect slow network I\/O:<\/p>\n<pre>$ sudo sysdig -c netlower     \r\n<\/pre>\n<h4>Watching Log File Entries<\/h4>\n<p>The command below helps you display every message written to syslog; if you are interested in log entries for a specific process, create a trace dump and filter it accordingly as shown before:<\/p>\n<pre>$ sudo sysdig -c spy_syslog      \r\n<\/pre>\n<p>You can print any data written by any process to a log file as follows:<\/p>\n<pre>$ sudo sysdig -c spy_logs   \r\n<\/pre>\n<h4>Monitoring HTTP Server Requests<\/h4>\n<p>If you have an HTTP server such as Apache or Nginx running on your system, look through the server\u2019s requests log with this 
command:<\/p>\n<pre>$ sudo sysdig -c httplog    \r\n$ sudo sysdig -c httptop   # print top HTTP requests\r\n<\/pre>\n<div id=\"attachment_26979\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-HTTP-Requests.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26979\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-HTTP-Requests.png\" alt=\"Monitor HTTP Requests\" width=\"712\" height=\"192\" aria-describedby=\"caption-attachment-26979\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26979\" class=\"wp-caption-text\">Monitor HTTP Requests<\/p>\n<\/div>\n<h4>Display Login Shells and Interactive User Activity<\/h4>\n<p>The command below will enable you to view all the login shell IDs:<\/p>\n<pre>$ sudo sysdig -c list_login_shells\r\n<\/pre>\n<p>Last but not least, you can show interactive activity of system users like so:<\/p>\n<pre>$ sudo sysdig -c spy_users\r\n<\/pre>\n<div id=\"attachment_26980\" class=\"wp-caption aligncenter\">\n<p><a href=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-User-Activity.png\"><img loading=\"lazy\" decoding=\"async\" class=\"size-full wp-image-26980\" src=\"https:\/\/www.tecmint.com\/wp-content\/uploads\/2017\/09\/Monitor-User-Activity.png\" alt=\"Monitor User Activity\" width=\"712\" height=\"192\" aria-describedby=\"caption-attachment-26980\" data-lazy-loaded=\"true\" \/><\/a><\/p>\n<p id=\"caption-attachment-26980\" class=\"wp-caption-text\">Monitor User Activity<\/p>\n<\/div>\n<p>For more usage information and examples, read the sysdig and csysdig man pages:<\/p>\n<pre>$ man sysdig \r\n$ man csysdig\r\n<\/pre>\n<p>Reference:\u00a0<a href=\"https:\/\/www.sysdig.org\/\" target=\"_blank\" rel=\"nofollow noopener\">https:\/\/www.sysdig.org\/<\/a><\/p>\n<p>Also check these useful Linux performance monitoring tools:<\/p>\n<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li><a 
href=\"https:\/\/www.tecmint.com\/bcc-best-linux-performance-monitoring-tools\/\" target=\"_blank\" rel=\"noopener\">BCC \u2013 Dynamic Tracing Tools for Linux Performance Monitoring, Networking and More<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/pydash-a-web-based-linux-performance-monitoring-tool\/\" target=\"_blank\" rel=\"noopener\">pyDash \u2013 A Web Based Linux Performance Monitoring Tool<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/perf-performance-monitoring-and-analysis-tool-for-linux\/\" target=\"_blank\" rel=\"noopener\">Perf- A Performance Monitoring and Analysis Tool for Linux<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/linux-performance-monitoring-with-collectl-tool\/\" target=\"_blank\" rel=\"noopener\">Collectl: An Advanced All-in-One Performance Monitoring Tool for Linux<\/a><\/li>\n<li><a href=\"https:\/\/www.tecmint.com\/netdata-real-time-linux-performance-network-monitoring-tool\/\" target=\"_blank\" rel=\"noopener\">Netdata \u2013 A Real-Time Performance Monitoring Tool for Linux Systems<\/a><\/li>\n<\/ol>\n<\/li>\n<\/ol>\n<h5>Conclusion<\/h5>\n<p>Sysdig brings together functionalities from numerous command line tools into one remarkable interface, thus allowing you to dig deep into your Linux system events to gather data, save for later analysis and it offers incredible container support.<\/p>\n<p>To ask any questions or share any thoughts about this tool, use the feedback form below.<\/p>\n<p><a href=\"https:\/\/www.tecmint.com\/sysdig-system-monitoring-and-troubleshooting-tool-for-linux\/\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Sysdig\u00a0is an open-source, cross-platform, powerful and flexible system monitoring and troubleshooting tool for Linux; it also works on Windows and Mac OSX but with limited functionality and can be used for system analysis, inspection and debugging. 
Normally, you would employ a mix of various\u00a0Linux performance monitoring and troubleshooting toolsincluding these ones listed below to perform &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/www.appservgrid.com\/paw92\/index.php\/2019\/04\/06\/sysdig-a-powerful-system-monitoring-and-troubleshooting-tool-for-linux\/\" class=\"more-link\">Continue reading<span class=\"screen-reader-text\"> &#8220;Sysdig \u2013 A Powerful System Monitoring and Troubleshooting Tool for Linux&#8221;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-13867","post","type-post","status-publish","format-standard","hentry","category-linux"],"_links":{"self":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/comments?post=13867"}],"version-history":[{"count":1,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13867\/revisions"}],"predecessor-version":[{"id":13868,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/posts\/13867\/revisions\/13868"}],"wp:attachment":[{"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/media?parent=13867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/categories?post=13867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/w
ww.appservgrid.com\/paw92\/index.php\/wp-json\/wp\/v2\/tags?post=13867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}