Delving the depths of Linux with sysdig
Examples
Sysdig is a useful and practical tool: You will learn many of its functions when using the software, but you can only deduce the rest from the documentation in the form of the man page or from the wiki [3]. However, it is often easier to look at a few examples and modify them to suit your own requirements.
Listing 4 shows the use of sysdig in analyzing processes. A call to
sysdig -c proc_exec_time
shows the processes that are currently taking the longest to complete. You can use echo_fds (Listing 5) as a replacement for strace to track inputs and outputs.
Listing 4
Analyzing Processes
Listing 5
Tracking Input and Output
If the system performance does not correspond to your expectations,
sysdig -c bottlenecks
sysdig -c topscalls
shows the slowest and currently most frequently used system calls. If you often have to wait for files,
sysdig -c fileslower 9
will detect them.
To see which files require the most time to read and write and where the system writes most, use:
sysdig -c topfiles_time
sysdig -c topfiles_bytes
The output from
sysdig -c topprocs_file
sysdig -c topprocs_net
respectively shows which processes are responsible for the writes and which ones are slowing down the network. Numerous other examples can be found online [4].
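Run live, each of the commands above observes a different moment, so their results are hard to correlate. The following script is an added example, not code from the article or the sysdig project: it records one trace with sysdig's -w option and replays the chisels named above against it with -r. The function names, output layout, and paths are assumptions made for the example.

```sh
#!/bin/sh
# Added example (not from the article): capture once, replay many times.
# Assumptions: sysdig is on PATH and the capture runs with root privileges.
SYSDIG="${SYSDIG:-sysdig}"

# capture <trace-file> <event-count>: write a bounded trace to disk
capture() {
    "$SYSDIG" -n "$2" -w "$1"
}

# report <trace-file> <out-dir>: run each chisel from the article on the trace.
# Returns 0 if all chisels ran, 1 if any failed, 2 if the setup is unusable.
report() {
    trace=$1 out=$2 failed=0
    [ -r "$trace" ] || { echo "cannot read $trace" >&2; return 2; }
    mkdir -p "$out" || return 2
    while read -r chisel arg; do
        # arg is empty except for the fileslower threshold
        if "$SYSDIG" -r "$trace" -c "$chisel" ${arg:+"$arg"} \
               < /dev/null > "$out/$chisel.txt" 2> "$out/$chisel.err"; then
            rm -f "$out/$chisel.err"        # keep stderr only for failures
        else
            echo "chisel failed: $chisel" >&2
            failed=1
        fi
    done <<EOF
proc_exec_time
bottlenecks
topscalls
fileslower 9
topfiles_time
topfiles_bytes
topprocs_file
topprocs_net
EOF
    return "$failed"
}

# Typical use (hypothetical paths):
#   capture /var/tmp/triage.scap 200000 && report /var/tmp/triage.scap ./triage
```

A trace file records system activity in detail, so store it with restrictive permissions and delete it once the analysis is done.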
Conclusions
Sysdig is unreservedly recommended for analyzing systems as a replacement for many individual programs. The concept of building a simple program that gains many capabilities through plugins is in keeping with current trends.
The results output by sysdig are always useful, so you can expect to see it soon in the repositories of the major distributions.
Up to now, the project has tackled installation in a somewhat unorthodox manner. However, to leverage the software to the max, you need to be able to interpret the results correctly. If you lack the knowledge to do so, the output can be confusing.
Infos
- [1] sysdig: http://www.sysdig.org
- [2] Installation: http://www.sysdig.org/wiki/how-to-install-sysdig-for-linux/
- [3] Wiki: http://www.sysdig.org/wiki/
- [4] Examples: http://www.sysdig.org/wiki/sysdig-examples/