Sysdig is an open-source, system-level exploration tool: it captures system state and activity from a running Linux-based system such as Ubuntu 20.04, then lets you save, filter, and analyze it, which is particularly useful for system analysis, inspection, and debugging, amongst other uses. Sysdig is scriptable in Lua and includes a command-line interface and a powerful interactive UI, started with the csysdig command, that runs in your terminal.
In the following tutorial, you will learn how to install Sysdig on Ubuntu 20.04 LTS Focal Fossa using the command line terminal and basic commands for using Sysdig.
First, before anything, update your system to make sure all existing packages are up to date.
sudo apt update && sudo apt upgrade -y
Install Required Packages
As part of the requirements, you will need to use the following terminal command to install the required packages.
sudo apt install curl gnupg software-properties-common -y
You can skip this step if you are sure these packages are already installed and up to date.
The first thing you need to do is use the curl command to download the installation script and then execute it with bash. This is done by using the following terminal command.
sudo curl -s https://s3.amazonaws.com/download.draios.com/stable/install-sysdig | sudo bash
The overall process should not take longer than a few minutes at most.
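The command above pipes the downloaded script straight into a root shell, so nothing is reviewed before it runs. The following is an added example (not from the original tutorial or the Sysdig project) that saves the installer to a file, records its SHA-256, and lists the lines that change system state; the function names, the grep pattern list, and the assumption that the installer starts with a shell shebang are illustrative.

```shell
#!/bin/sh
# Added example: save the Sysdig installer to a file and review it before it
# runs as root. Function names and the grep pattern list are assumptions.

INSTALLER_URL="https://s3.amazonaws.com/download.draios.com/stable/install-sysdig"

# fetch_installer DEST: download over HTTPS only (including redirects),
# fail on HTTP errors, and write to a file instead of piping into bash.
fetch_installer() {
    curl --fail --silent --show-error --location \
        --proto '=https' --proto-redir '=https' \
        --output "$1" "$INSTALLER_URL"
}

# review_installer FILE: print the SHA-256 and every line that installs
# packages, adds keys or repositories, or loads kernel modules.
# Returns 1 for an empty/missing file, 2 if the first line is not a shell
# shebang (for example an HTML error page saved in place of the installer).
review_installer() {
    [ -s "$1" ] || { echo "empty or missing: $1" >&2; return 1; }
    IFS= read -r first_line < "$1" || true
    case "$first_line" in
        '#!'*sh*) ;;
        *) echo "not a shell script: $first_line" >&2; return 2 ;;
    esac
    echo "sha256: $(sha256sum "$1" | cut -d' ' -f1)"
    echo "lines that change system state:"
    grep -nE 'apt-key|apt-get|yum|rpm|curl|wget|sources\.list|modprobe|insmod' "$1" \
        || echo "  (none matched)"
}

# Usage: sh review-installer.sh --fetch
# Downloads, prints the review, and leaves the decision to run it to you.
if [ "${1:-}" = "--fetch" ]; then
    tmp=$(mktemp) || exit 1
    fetch_installer "$tmp" || { rm -f "$tmp"; exit 1; }
    review_installer "$tmp" || { rm -f "$tmp"; exit 1; }
    echo "Reviewed copy saved at $tmp; after reading it, run: sudo bash $tmp"
fi
```

Keeping the printed hash lets you confirm later that a second machine installed from the same script you reviewed.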
Once installed, confirm the version and build of Sysdig by using the following.
Now that you have installed Sysdig, you can use the monitoring software through the csysdig command. Note that you need to run sysdig as root because it requires access to critical areas such as the /proc file system and the /dev/sysdig* devices, and it needs to auto-load the sysdig-probe kernel module.
First, bring up the display using the following command.
You will see the following screen below.
If you have trouble opening Sysdig, check the troubleshooting at the bottom of the tutorial.
For future reference, you can press the F2 key to change the view.
In the menu view above, you can use your arrow keys to move around to select an option you would like to monitor. For example, if you want to see the Processes CPU, scroll down and hit the ENTER key, displaying the following.
To return to the previous menu selection, press the F2 key. From here, you can select from quite an extensive list. Alternatively, you can use command-line commands. Some examples of these commands are shown below.
Run the following command to see the top processes ranked by CPU utilization percentage.
sudo sysdig -c topprocs_cpu
Run the following command to see the system’s network connections.
sudo sysdig -c netstat
Run the following command to see a list of system processes.
sudo sysdig -c ps
If you encounter the following problem when trying to use csysdig for the first time (Error opening terminal: xterm-256color), it can be solved most times by installing the following package.
sudo apt install ncurses-term
Note: only install ncurses-term if you see the error message.
Comments and Conclusion
Overall, Sysdig combines the functionality of several existing command-line tools into a single application, letting you monitor nearly any part of your Linux system through an excellent interactive interface or traditional terminal commands.