CIP Cyber

Log In
Menu
Log In
  • Opinion
  • Product Reviews
  • Industrial Cybersecurity
  • Videos

Sysdig – System Exploration & Troubleshooting Tool

Table of Contents

sysdig 
an open source system-level exploration and troubleshooting tool. Sysdig
captures system calls and other system level events using a linux kernel
facility called tracepoints, which means much less overhead than strace.

It then
“packetizes” this information, so that you can save it into trace
files and filter it, a bit like you would do with tcpdump. This makes it very
flexible to explore what processes are doing.
Sysdig is also packed with a
set of scripts that make it easier to extract useful information and do
troubleshooting.

Traditionally, system-level monitoring and troubleshooting
still largely involve logging into the machine with SSH and using a plethora of
dated tools with very inconsistent interfaces. And since most tools don’t offer
any kind of history, you’re left struggling to reproduce the problem. Or even
worse, just staring at the screen hoping that it happens again. Sysdig wants to
improve your life, by introducing some key concepts:
  • ·        
    offering unified, coherent, and granular
    visibility into the storage, processing, network, and memory subsystems
  • ·        
    making it possible to create trace files for
    system activity, similarly to what you can do for networks with tools like
    tcpdump and Wireshark, so that the problem can be analyzed at a later time,
    without losing important information
  • ·        
    including rich system state in the trace files,
    so that the captured activity can be put in context and understood
  • ·        
    offering a filtering language to dig into the
    information in a natural and interactive way
  • ·        
    including a rich library of Lua scripts to solve
    common problems, which we call chisels (to carve up the data you unearthed…
    get it?). Think about sysdig as strace + tcpdump + lsof + steroids.

How does it work?

Sysdig instruments your physical and virtual machines at the OS
level by installing into the Linux kernel and capturing system calls and other
OS events. Then, using sysdig’s command line interface, you can filter and
decode these events in order to extract useful information. Sysdig can be used
to inspect systems live in real-time, or to generate trace files that can be
analyzed at a later stage.

Automatic Installation

To install sysdig automatically in one step, simply run the
following command. This is the recommended installation method.
Warning: The installation script will only install the sysdig
package from the Draios APT/YUM repository after verifying all the
requirements. For step-by-step manual installation, see the guide below. To
install sysdig from the source code, see the instructions here.

curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig
| sudo bash

Sysdig Installation Guide
Sysdig Tutorial
Source
CIP Cyber Staff

CIP Cyber Staff

CIP Cyber Staff comprises CIP cybersecurity experts committed to delivering comprehensive information on critical infrastructure protection. The content covers diverse topics, equipping professionals to defend organizations and communities in an ever-evolving cyber landscape.

Most popular

Opinion

Password Cyberattack: Everything You Need to Know

November 7, 2023

Industrial Cybersecurity

Cybersecurity Awareness Month: Spotlight on ICS/OT Security

September 28, 2023

Opinion

How to Protect IoT Devices in Critical Infrastructure Networks

September 15, 2023

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training

Related Articles

LINUX GAME HACKING GUIDE 2021

In the past, most games had cheat codes, yet these days it’s more uncommon. As a programmer, I like to perceive how things work, so

January 5, 2021

Want always be up to date?

Don't miss the latest news

By subscribing to our mailing list, you will be enrolled to receive our new trainings, latest blog posts, product news, and more.

CIP Training & Certifications

Transform your cybersecurity skills with CIP Cyber’s comprehensive training & course offerings

Choose Training