awesome-repositories.com
Blog
awesome-repositories.com

Entdecke die besten Open-Source-Repositories mit KI-gestützter Suche.

EntdeckenKuratierte SuchenOpen-Source-AlternativenSelf-hosted SoftwareBlogSitemap
ProjektÜber unsRanking-MethodikPresseMCP-Server
RechtlichesDatenschutzAGB
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
microsoft avatar

microsoft/ProcMon-for-Linux

0
View on GitHub↗
4,695 Stars·289 Forks·C·MIT·2 Aufrufe

ProcMon For Linux

ProcMon-for-Linux ist ein eBPF-basiertes System-Observability-Tool und Prozessmonitor für Linux. Es fungiert als System-Call-Tracer und Aktivitätslogger, der Echtzeit-Kernel- und User-Space-Ereignisse erfasst, um das Betriebssystemverhalten zu analysieren.

Das Projekt bietet ein Text-User-Interface zur Inspektion aufgezeichneter Trace-Dateien. Es trennt die hochperformante, Headless-Ereignisaufzeichnung vom Analyse-Interface, um Datenverlust bei hoher Systemlast zu verhindern.

Das Tool bietet Funktionen für System-Call-Tracing und Aktivitätsüberwachung, einschließlich der Möglichkeit, Ereignisse nach Prozess-IDs oder spezifischen System-Call-Typen zu filtern. Es unterstützt Low-Level-Prozess-Debugging und die retrospektive Analyse von Systemaktivitäten.

Features

  • System Call Tracing - Provides real-time monitoring of Linux system calls to debug software behavior and identify failures.
  • eBPF Event Captures - Provides high-performance event capture using eBPF bytecode executed within the Linux kernel.
  • TUI Trace Viewers - Provides a text user interface for opening and inspecting recorded trace files to analyze system activity.
  • Linux - Monitors Linux process events and file system activity to analyze operating system behavior.
  • System Call Monitors - Tracks real-time file system and process events to provide deep visibility into Linux system behavior.
  • System Activity Monitoring - Tracks real-time file system, registry, and process events for visibility into OS behavior.
  • eBPF-Based Activity Monitors - Utilizes eBPF to capture high-performance traces of kernel and user-space activity for system observability.
  • Event Trace Analyzers - Provides a terminal user interface for opening and inspecting recorded trace files of system activity.
  • Trace Analysis Interfaces - Ships a text-based user interface for inspecting and filtering recorded system activity files.
  • Kernel Ring Buffer Retrieval - Implements high-performance data transfer from the kernel to userspace using ring buffers.
  • SQLite Storage Adapters - Uses a local SQLite database for persistent storage and efficient querying of captured trace data.
  • Low-Level Debuggers - Enables low-level analysis of interactions between software and the Linux kernel to identify bottlenecks.
  • System Event Recorders - Records system-generated actions and events for retrospective diagnosis of intermittent execution issues.
  • Headless Recorders - Separates high-performance headless event recording from the analysis interface to prevent data loss.
  • Selective Event Filtering - Allows restricting traced activity to specific process IDs or syscall types to reduce noise during capture.
  • Syscall Filtering - Applies kernel-level predicates to filter syscalls and reduce noise during event capture.

Star-Verlauf

Star-Verlauf für microsoft/procmon-for-linuxStar-Verlauf für microsoft/procmon-for-linux

KI-Suche

Entdecke weitere awesome Repositories

Beschreibe in einfachen Worten, was du brauchst — die KI bewertet tausende kuratierte Open-Source-Projekte nach Relevanz.

Start searching with AI

Open-Source-Alternativen zu ProcMon For Linux

Ähnliche Open-Source-Projekte, sortiert nach der Anzahl der gemeinsamen Funktionen mit ProcMon For Linux.
  • iovisor/bccAvatar von iovisor

    iovisor/bcc

    22,459Auf GitHub ansehen↗

    BCC is an eBPF development toolkit and tracing framework used for monitoring and analyzing the Linux kernel. It functions as a performance analysis tool and debugging utility to capture system events, measure kernel latency, and provide network observability. The project distinguishes itself by providing a build system that integrates with LLVM to compile C-like code into BPF bytecode at runtime. It utilizes BPF Type Format data for relocations to maintain cross-kernel compatibility and extracts kernel headers to ensure the generated programs match the specific kernel version. The toolkit co

    C
    Auf GitHub ansehen↗22,459
  • missing-semester/missing-semesterAvatar von missing-semester

    missing-semester/missing-semester

    5,525Auf GitHub ansehen↗

    The Missing Semester is a free, open-source educational curriculum designed to bridge the gap between theoretical computer science and the practical tooling every software engineer needs. Organized as a structured course, it covers Unix shell mastery, version control with Git, software debugging and profiling, system administration fundamentals, and computer security practices — the skills often left out of traditional degree programs. The project is maintained as a collaborative set of lecture notes, exercises, and guides that function as both a professional development tools course and a Uni

    CSS
    Auf GitHub ansehen↗5,525
  • cilium/tetragonAvatar von cilium

    cilium/tetragon

    4,753Auf GitHub ansehen↗

    Tetragon is an eBPF-based runtime security and observability toolset designed for Linux and Kubernetes environments. It functions as a security policy manager, observability agent, and enforcement engine that hooks into kernel functions and tracepoints to detect privilege escalation, container escapes, and unauthorized system activity. The project distinguishes itself through its ability to perform real-time, in-kernel enforcement, allowing it to synchronously terminate malicious processes or modify function return values before a system call completes. It provides deep Kubernetes integration

    C
    Auf GitHub ansehen↗4,753
  • comodosecurity/openedrAvatar von ComodoSecurity

    ComodoSecurity/openedr

    2,603Auf GitHub ansehen↗

    OpenEDR is an endpoint detection and response platform designed to collect telemetry and monitor system activity to identify security breaches. It functions as a host-based intrusion detection system and telemetry collector, gathering detailed data on process, network, and file activity. The system includes a dockerized security stack that bundles search, logging, and visualization tools into containers for analyzing endpoint telemetry. It features a security event visualizer that maps process lineage and indexes logs to facilitate root-cause analysis of attacks. The platform provides capabi

    C++
    Auf GitHub ansehen↗2,603
Alle 30 Alternativen zu ProcMon For Linux anzeigen→

Häufig gestellte Fragen

Was macht microsoft/procmon-for-linux?

ProcMon-for-Linux ist ein eBPF-basiertes System-Observability-Tool und Prozessmonitor für Linux. Es fungiert als System-Call-Tracer und Aktivitätslogger, der Echtzeit-Kernel- und User-Space-Ereignisse erfasst, um das Betriebssystemverhalten zu analysieren.

Was sind die Hauptfunktionen von microsoft/procmon-for-linux?

Die Hauptfunktionen von microsoft/procmon-for-linux sind: System Call Tracing, eBPF Event Captures, TUI Trace Viewers, Linux, System Call Monitors, System Activity Monitoring, eBPF-Based Activity Monitors, Event Trace Analyzers.

Welche Open-Source-Alternativen gibt es zu microsoft/procmon-for-linux?

Open-Source-Alternativen zu microsoft/procmon-for-linux sind unter anderem: cilium/tetragon — Tetragon is an eBPF-based runtime security and observability toolset designed for Linux and Kubernetes environments.… iovisor/bcc — BCC is an eBPF development toolkit and tracing framework used for monitoring and analyzing the Linux kernel. It… missing-semester/missing-semester — The Missing Semester is a free, open-source educational curriculum designed to bridge the gap between theoretical… aquasecurity/tracee — Tracee is a cloud-native runtime security and forensics tool that uses eBPF to capture system calls and kernel events… comodosecurity/openedr — OpenEDR is an endpoint detection and response platform designed to collect telemetry and monitor system activity to… orhun/binsider — Binsider is a collection of specialized toolsets for hexadecimal editing, ELF structural analysis, system call…