  • Stars: 959
  • Rank: 47,674 (Top 1.0 %)
  • Language: JavaScript
  • License: Other
  • Created over 7 years ago
  • Updated 4 months ago

Repository Details

Sysdig Inspect - A powerful open source interface for container troubleshooting and security investigation

Sysdig Inspect


Sysdig Inspect is a powerful open source interface for container troubleshooting and security investigation.

Inspect's user interface is designed to intuitively navigate the data-dense sysdig captures that contain granular system, network, and application activity of a Linux system. Sysdig Inspect helps you understand trends, correlate metrics and find the needle in the haystack. It comes packed with features designed to support both performance and security investigations, with deep container introspection.

To use Sysdig Inspect, you need capture files collected on Linux with sysdig.

Where to start?

Sysdig Inspect container

Sysdig Inspect is available as a Docker container image.

docker run -d -v /local/path/to/captures:/captures -p8080:3000 sysdig/sysdig-inspect:latest

Sysdig Inspect will be available in your browser at http://localhost:8080!

For more information, check out the Sysdig Inspect repository on Docker Hub.

Sysdig Inspect desktop

Here are the installers available for the latest version:

You can check the changelog at https://github.com/draios/sysdig-inspect/releases.

Main Features

Instant Highlights

The overview page offers an out-of-the-box, at-a-glance summary of the contents of the capture file. Content is organized in tiles, each of which shows the value of a relevant metric and its trend. Tiles are grouped into categories to surface useful information more clearly, and they are the starting point for investigation and drill-down.

Sub-second microtrends and metric correlation

Once you click on a tile, you will see the sub-second trend of the metric shown by the tile. Yes, sub-second. You will be amazed at how different your system, containers and applications look at this level of granularity. Multiple tiles can be selected to see how metrics correlate to each other and identify hot spots.

Intuitive drill-down-oriented workflow

You can drill down into any tile to see the data behind it and start investigating. At this point you can either use the timeline to restrict what data you are seeing, or further drill down by double clicking on any line of data. You will be able to see processes, files, network connections and much more.

Payloads and system calls visualization

Every single byte of data that is read from or written to a file, a network connection or a pipe is recorded in the trace file (provided the appropriate --snaplen parameter is used while creating the capture), and Sysdig Inspect makes it easy to observe it. Do you need to troubleshoot an intermittent network issue or determine what malware wrote to the file system? All the data you need is there. And, of course, you can switch at any time into sysdig mode and look at every single system call.

Collecting & Loading Captures

Creating a capture file

Sysdig Inspect works with capture files that have been collected by sysdig on a Linux system. The sysdig user guide contains a nice introduction to the tool and includes many examples that can guide you through the command line and filtering syntax.

As a very easy quick start, here's how to capture all of the system events on a Linux box with sysdig:

sudo sysdig -w filename.scap
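
Because a capture taken with a large --snaplen holds file and network payloads, it is worth bounding the capture and limiting who can reach it. The following is an added example, not code from the sysdig-inspect project: it wraps the sysdig command above and the docker run command shown earlier on this page. The function names, default values and directory layout are assumptions, as is the read-only mount (it assumes Inspect only reads from /captures).

```sh
#!/bin/sh
# Added example (not from the sysdig-inspect project). Function names, the
# default snaplen/duration and the directory layout are assumptions.

# With DRY_RUN=1 the commands are printed instead of executed.
run() {
    if [ "${DRY_RUN:-0}" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

is_uint() { case $1 in ''|*[!0-9]*) return 1 ;; esac; }

# capture DIR NAME [SNAPLEN] [SECONDS] [FILTER]
# Time-bounded capture into a directory only its owner can enter. Payloads
# are truncated to SNAPLEN bytes per I/O buffer, so choose it before the
# capture: bytes beyond it are never written to the file.
capture() {
    dir=$1 name=$2 snaplen=${3:-4096} secs=${4:-60} filter=${5:-}
    is_uint "$snaplen" && is_uint "$secs" || { echo "bad number" >&2; return 2; }
    case $name in */*|''|-*) echo "bad capture name" >&2; return 2 ;; esac
    run mkdir -p "$dir" && run chmod 700 "$dir" || return 1
    if [ -n "$filter" ]; then
        run sudo sysdig -s "$snaplen" -M "$secs" -w "$dir/$name.scap" "$filter"
    else
        run sudo sysdig -s "$snaplen" -M "$secs" -w "$dir/$name.scap"
    fi
}

# serve DIR [PORT]
# Same image and container port as the docker command on this page, but
# published on loopback only and with the captures mounted read-only
# (assumption: Inspect only reads from /captures).
serve() {
    dir=$1 port=${2:-8080}
    case $dir in /*) ;; *) echo "DIR must be absolute" >&2; return 2 ;; esac
    is_uint "$port" || { echo "bad port" >&2; return 2; }
    run docker run -d -v "$dir:/captures:ro" \
        -p "127.0.0.1:$port:3000" sysdig/sysdig-inspect:latest
}

# Usage (constructed values):
#   capture "$HOME/captures" incident1 8192 30 'container.name=web'
#   serve "$HOME/captures"
```

Set DRY_RUN=1 to print the commands without running them.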

Example trace files

  • 502 Error: Troubleshooting an HAProxy 502
  • 404 Error: Troubleshooting a 404 error from a leaky file

Join the Community

  • Join our public Slack channel for announcements, discussions, and help
  • Follow us on Twitter
  • This is our blog. There are many like it, but this one is ours.

License Terms

Sysdig is licensed to you under the GPL 2.0 open source license.
