Alpha Beast

Charly’s Column – Sysdig

Article from Issue 209/2018
Author(s):

In this issue, sys admin columnist and tool veterinarian Charly Kühnast invites Sysdig, the jack-of-all-trades among system diagnostic tools, into his surgery for a quick checkup. The project promises to unite the functionality of lsof, iftop, netstat, tcpdump, and others.

Where an alpha beast claims to replace an entire herd, the bar is naturally fairly high. Of course, the Wireshark authors, who are also the people behind the Sysdig [1] project, are no beginners. The software only performs well if you have root privileges; otherwise, it can't access all the required system areas. If you launch the tool without parameters, a steady stream of system messages scrolls by: It meticulously logs every single syscall. To thin out the thicket, Sysdig uses what it calls chisels. You can find out which chisels exist with the sysdig -cl command.

The chisels are sorted into categories (Net, IO, application, logs, and so on). For example, the Performance category has a chisel named netlower. I decided to pass in a time value of 10 milliseconds as a parameter:

sysdig -c netlower 10

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • sysdig

    Many Linux diagnostic tools require knowledge of a special syntax, which complicates handling and confuses the output. Sysdig groups several important tools into a single interface.

  • The sys admin's daily grind: Smorgasbord

    Sys admin columnist Charly Kühnast has an electronic note box in which he collects ideas and small snippets of code. He calls it his "quarry" and is taking this opportunity to offer up some collectors' items to regular readers.

  • Charly's Column – httpstat

    Httpstat is a special stopwatch you can use to discover how long web servers take to serve up a static or dynamic HTML page. Visible performance lags indicate optimization potential for the server.

  • Charly's Column: Miniflux

    Sys admin Charly Kühnast typically follows 40 to 50 RSS feeds using Tiny Tiny RSS on his own server. Now, the good times spent with the faithful Tiny are coming to an end. Read on to discover the whole story.

  • Charly's Column – Keepalived

    Columnist Charly likes to keep system-critical daemons on two or more servers. If one of the servers fails, the idea is that the service can be started on the other and will be available at the same IP address – a scenario that works with or without the Pacemaker heartbeat.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News