Sysdig – Linux System Troubleshooting Tool


Sysdig is open source, Linux System Troubleshooting Tool: capture system state and activity from a running Linux instance, then save, filter and analyze. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.

Sysdig

Sysdig was born from a team’s constant frustration. System level troubleshooting is just way more of a pain than it should be — especially in distributed, virtualized, and cloud-based environments. So they took the lessons they learned while building network monitoring tools like WinPCap and Wireshark and created a new kind of system troubleshooting tool for Linux.

Sysdig captures system calls and other system level events using a linux kernel facility called tracepoints, which means much less overhead than strace.

It then “packetizes” this information, so that you can save it into trace files and filter it, a bit like you would do with tcpdump. This makes it very flexible to explore what processes are doing.

Sysdig is also packed with a set of scripts that make it easier to extract useful information and do troubleshooting.

To install Sysdig, just run this with sudo or as root:

Or read more here.

Posted in: Forensics, Linux Hacking


Latest Posts:


CredNinja - Test Credential Validity of Dumped Credentials or Hashes CredNinja – Test Credential Validity of Dumped Credentials or Hashes
CredNinja is a tool to quickly test credential validity of dumped credentials (or hashes) across an entire network or domain very efficiently.
assetfinder - Find Related Domains and Subdomains assetfinder – Find Related Domains and Subdomains
assetfinder is a Go-based tool to find related domains and subdomains that are related to a given domain from a variety of sources including Facebook and more.
Karkinos - Beginner Friendly Penetration Testing Tool Karkinos – Beginner Friendly Penetration Testing Tool
Karkinos is a light-weight Beginner Friendly Penetration Testing Tool, which is basically a 'Swiss Army Knife' for pen-testing and/or hacking CTF's.
Aclpwn.Py - Exploit ACL Based Privilege Escalation Paths in Active Directory Aclpwn.Py – Exploit ACL Based Privilege Escalation Paths in Active Directory
Aclpwn.py is a tool that interacts with BloodHound< to identify and exploit ACL based privilege escalation paths.
Vulhub - Pre-Built Vulnerable Docker Environments For Learning To Hack Vulhub – Pre-Built Vulnerable Docker Environments For Learning To Hack
Vulhub is an open-source collection of pre-built vulnerable docker environments for learning to hack. No pre-existing knowledge of docker is required, just execute two simple commands.
LibInjection - Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) LibInjection – Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS)
LibInjection is a C library to Detect SQL Injection (SQLi) and Cross-Site Scripting (XSS) through lexical analysis of real-world Attacks.


One Response to Sysdig – Linux System Troubleshooting Tool

  1. Etescartz April 8, 2014 at 2:29 pm #

    Thanks for the tip. This seems like a great tool. I’m going to give it test drive to get an idea of how it could benefit me.