Sysdig is open source, system-level exploration: capture system state and activity from a running Linux instance, then save, filter and analyze.
Sysdig is scriptable in Lua and includes a command line interface and a powerful interactive UI, csysdig, that runs in your terminal.
Think of sysdig as strace + tcpdump + htop + iftop + lsof + transaction tracing + awesome sauce.
With state of the art container visibility on top.
A quick preview of sysdig's interactive UI
...and a little taste of what sysdig can do from the command line
Dump system activity to file, so that sysdig can be used to process it later.
sudo sysdig -w trace.scap
View the top network connections for a single container.
Sysdig tracers let you track and measure spans of execution in a distributed software system. You can instrument almost anything with a Sysdig tracer - a method in your software, a service call, a network request, a shell command execution, a script, and any other thing that can happen in a computer system.
They're efficient, language independent, container friendly, and (of course) open source.
Sysdig was born from our own team's constant frustration. System level troubleshooting is just way more of a pain than it should be — especially in container-based environments. So we took the lessons we learned while helping build network monitoring tools like WinPCap and Wireshark and created a new kind of system troubleshooting tool for Linux.
Sysdig gives you instant access
to a treasure trove of data buried within your system.
Rich filtering, scripting, and an interactive UI take you
from the big picture to finest detail in just a few clicks.
Easy to Use
For pragmatic people, by pragmatic people.
With a dead-simple install, and a natural, intuitive UI,
you'll be up and running with sysdig in seconds (seriously!).
If you use containers, sysdig is the tool for you.
Sysdig's unique technology offers full container visibility, with no plugins,
no instrumentation, and no configuration.
Fast and Stable
Sysdig is built to run in production. By running
as little code as possible in the kernel,
sysdig minimizes performance overhead
and the risk of crashes.
Fits to Your Workflow
Not the other way around. Watch system
activity in real time, or do a trace dump
and analyze later.
Both sysdig and csysdig
can be extended with Lua scripts that we call chisels and views.
The ever growing collection of scripts covers tons of troubleshooting,
monitoring and security cases.