(github.com)

166 points LelouBil | 1 comments | 31 Aug 25 22:43 UTC | HN request time: 0s | source

Show context

notepad0x90 ◴[01 Sep 25 02:06 UTC] No.45088794[source]▶

does this provide telemetry not available with strace?

And is the output csv/logfile compatible with the windows equivalent? If so, that'd be amazing! tools like procdot can analyze/visualize the data:

https://procdot.com/

replies(1): >>45092642 #

xuhu ◴[01 Sep 25 13:43 UTC] No.45092642[source]▶

>>45088794 #

This can trace all processes on the host while strace traces one PID and its descendants. And bpf tracing does not stop processes at each syscall, so they run without slowdowns.

replies(1): >>45095266 #

1. notepad0x90 ◴[01 Sep 25 18:26 UTC] No.45095266[source]▶

>>45092642 #

I think auditd can trace all syscalls system wide and let you filter as well. But it is a daemon whereas this is a tool you can run and interact with.

↑

A Linux version of the Procmon Sysinternals tool