awesome-repositories.com
Blog
awesome-repositories.com

Descubre los mejores repositorios open-source con nuestra búsqueda potenciada por IA.

ExplorarBúsquedas curadasAlternativas open-sourceSoftware autohospedableBlogMapa del sitio
ProyectoAcerca deCómo clasificamosPrensaServidor MCP
Aviso legalPrivacidadTérminos
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·
microsoft avatar

microsoft/ProcMon-for-Linux

0
View on GitHub↗
4,695 estrellas·289 forks·C·MIT·2 vistas

ProcMon For Linux

ProcMon-for-Linux es una herramienta de observabilidad del sistema basada en eBPF y monitor de procesos para Linux. Funciona como un rastreador de llamadas al sistema y registrador de actividad, capturando eventos del kernel y del espacio de usuario en tiempo real para analizar el comportamiento del sistema operativo.

El proyecto cuenta con una interfaz de usuario de texto para inspeccionar archivos de traza grabados. Separa la grabación de eventos headless de alto rendimiento de la interfaz de análisis para prevenir la pérdida de datos durante cargas pesadas del sistema.

La herramienta proporciona capacidades para el rastreo de llamadas al sistema y monitoreo de actividad, incluyendo la capacidad de filtrar eventos por identificadores de proceso o tipos de llamadas al sistema específicos. Soporta la depuración de procesos de bajo nivel y el análisis retrospectivo de la actividad del sistema.

Features

  • System Call Tracing - Provides real-time monitoring of Linux system calls to debug software behavior and identify failures.
  • eBPF Event Captures - Provides high-performance event capture using eBPF bytecode executed within the Linux kernel.
  • TUI Trace Viewers - Provides a text user interface for opening and inspecting recorded trace files to analyze system activity.
  • Linux - Monitors Linux process events and file system activity to analyze operating system behavior.
  • System Call Monitors - Tracks real-time file system and process events to provide deep visibility into Linux system behavior.
  • System Activity Monitoring - Tracks real-time file system, registry, and process events for visibility into OS behavior.
  • eBPF-Based Activity Monitors - Utilizes eBPF to capture high-performance traces of kernel and user-space activity for system observability.
  • Event Trace Analyzers - Provides a terminal user interface for opening and inspecting recorded trace files of system activity.
  • Trace Analysis Interfaces - Ships a text-based user interface for inspecting and filtering recorded system activity files.
  • Kernel Ring Buffer Retrieval - Implements high-performance data transfer from the kernel to userspace using ring buffers.
  • SQLite Storage Adapters - Uses a local SQLite database for persistent storage and efficient querying of captured trace data.
  • Low-Level Debuggers - Enables low-level analysis of interactions between software and the Linux kernel to identify bottlenecks.
  • System Event Recorders - Records system-generated actions and events for retrospective diagnosis of intermittent execution issues.
  • Headless Recorders - Separates high-performance headless event recording from the analysis interface to prevent data loss.
  • Selective Event Filtering - Allows restricting traced activity to specific process IDs or syscall types to reduce noise during capture.
  • Syscall Filtering - Applies kernel-level predicates to filter syscalls and reduce noise during event capture.

Historial de estrellas

Gráfico del historial de estrellas de microsoft/procmon-for-linuxGráfico del historial de estrellas de microsoft/procmon-for-linux

Búsqueda con IA

Explora más repositorios increíbles

Describe lo que necesitas en lenguaje sencillo: la IA clasifica miles de proyectos open-source curados por relevancia.

Start searching with AI

Preguntas frecuentes

¿Qué hace microsoft/procmon-for-linux?

ProcMon-for-Linux es una herramienta de observabilidad del sistema basada en eBPF y monitor de procesos para Linux. Funciona como un rastreador de llamadas al sistema y registrador de actividad, capturando eventos del kernel y del espacio de usuario en tiempo real para analizar el comportamiento del sistema operativo.

¿Cuáles son las características principales de microsoft/procmon-for-linux?

Las características principales de microsoft/procmon-for-linux son: System Call Tracing, eBPF Event Captures, TUI Trace Viewers, Linux, System Call Monitors, System Activity Monitoring, eBPF-Based Activity Monitors, Event Trace Analyzers.

¿Qué alternativas de código abierto existen para microsoft/procmon-for-linux?

Las alternativas de código abierto para microsoft/procmon-for-linux incluyen: cilium/tetragon — Tetragon is an eBPF-based runtime security and observability toolset designed for Linux and Kubernetes environments.… iovisor/bcc — BCC is an eBPF development toolkit and tracing framework used for monitoring and analyzing the Linux kernel. It… missing-semester/missing-semester — The Missing Semester is a free, open-source educational curriculum designed to bridge the gap between theoretical… aquasecurity/tracee — Tracee is a cloud-native runtime security and forensics tool that uses eBPF to capture system calls and kernel events… comodosecurity/openedr — OpenEDR is an endpoint detection and response platform designed to collect telemetry and monitor system activity to… orhun/binsider — Binsider is a collection of specialized toolsets for hexadecimal editing, ELF structural analysis, system call…

Alternativas open-source a ProcMon For Linux

Proyectos open-source similares, clasificados según cuántas características comparten con ProcMon For Linux.
  • iovisor/bccAvatar de iovisor

    iovisor/bcc

    22,459Ver en GitHub↗

    BCC is an eBPF development toolkit and tracing framework used for monitoring and analyzing the Linux kernel. It functions as a performance analysis tool and debugging utility to capture system events, measure kernel latency, and provide network observability. The project distinguishes itself by providing a build system that integrates with LLVM to compile C-like code into BPF bytecode at runtime. It utilizes BPF Type Format data for relocations to maintain cross-kernel compatibility and extracts kernel headers to ensure the generated programs match the specific kernel version. The toolkit co

    C
    Ver en GitHub↗22,459
  • missing-semester/missing-semesterAvatar de missing-semester

    missing-semester/missing-semester

    5,525Ver en GitHub↗

    The Missing Semester is a free, open-source educational curriculum designed to bridge the gap between theoretical computer science and the practical tooling every software engineer needs. Organized as a structured course, it covers Unix shell mastery, version control with Git, software debugging and profiling, system administration fundamentals, and computer security practices — the skills often left out of traditional degree programs. The project is maintained as a collaborative set of lecture notes, exercises, and guides that function as both a professional development tools course and a Uni

    CSS
    Ver en GitHub↗5,525
  • cilium/tetragonAvatar de cilium

    cilium/tetragon

    4,753Ver en GitHub↗

    Tetragon is an eBPF-based runtime security and observability toolset designed for Linux and Kubernetes environments. It functions as a security policy manager, observability agent, and enforcement engine that hooks into kernel functions and tracepoints to detect privilege escalation, container escapes, and unauthorized system activity. The project distinguishes itself through its ability to perform real-time, in-kernel enforcement, allowing it to synchronously terminate malicious processes or modify function return values before a system call completes. It provides deep Kubernetes integration

    C
    Ver en GitHub↗4,753
  • comodosecurity/openedrAvatar de ComodoSecurity

    ComodoSecurity/openedr

    2,603Ver en GitHub↗

    OpenEDR is an endpoint detection and response platform designed to collect telemetry and monitor system activity to identify security breaches. It functions as a host-based intrusion detection system and telemetry collector, gathering detailed data on process, network, and file activity. The system includes a dockerized security stack that bundles search, logging, and visualization tools into containers for analyzing endpoint telemetry. It features a security event visualizer that maps process lineage and indexes logs to facilitate root-cause analysis of attacks. The platform provides capabi

    C++
    Ver en GitHub↗2,603
  • Ver las 30 alternativas a ProcMon For Linux→