Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dive Even Deeper sysdig – Wireshark for your system.

Published bySara Atkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Dive Even Deeper sysdig – Wireshark for your system."— Presentation transcript:

1 Dive Even Deeper sysdig – Wireshark for your system

2

3

4

5 Agenda Overview Visualization Fishing for Hackers

6 Wireshark Is Awesome

7 Why Is Wireshark Awesome?

8 The Workflow! Capture Don’t need to sit in front of the machine waiting for the issue Share trace files Capture in multiple locations and then correlate Filter Find the needle in the haystack Don’t need to know what you’re looking for Learn while exploring Analyze Put intelligence on top of low level information Packets can tell us a lot And never lie

9 Question: If Wireshark’s Workflow Is So Great, Can We Apply It To System Monitoring?

10 Sysdig Capture system events System calls Context switches More Packetize them Store them into pcap-ng traces Wireshark-like display fields Filtering rendering

11 res = open(const char *pathname, int flags) Type = openNargs = 2“myfile.txt”1 Store Filter Analyze

12 Sysdig-probe scap sinsp sysdig Capture Control Dump files R/W OS state collection Event parsing State engine Filtering Output Formatting Chisel execution Command line parsing Capture management Non-blocking event collection Type-based event packing Memory mapped buffer handling kernel User Event Buffer

13 Chisels Lua scripts to carve up the data you unearthed First class citizens from day one Callback API Process events Create summaries Main API Control sysdig Extract fields https://github.com/draios/sysdig/wiki/Sysdig%20Chisel%20API%20Reference%20Manual

14 Demo

15 Get Engaged http://www.sysdig.org/ https://github.com/draios/sysdig https://github.com/draios/sysdig/wiki http://www.sysdig.org/install/

Download ppt "Dive Even Deeper sysdig – Wireshark for your system."

Similar presentations

OpenGL Open a Win32 Console Application in Microsoft Visual C++.

OpenGL Open a Win32 Console Application in Microsoft Visual C++.
Organizing List and Documents with Site Columns and Content Types Gayan Peiris Principal Consultant

Organizing List and Documents with Site Columns and Content Types Gayan Peiris Principal Consultant
K T A U Kernel Tuning and Analysis Utilities Department of Computer and Information Science Performance Research Laboratory University of Oregon.

K T A U Kernel Tuning and Analysis Utilities Department of Computer and Information Science Performance Research Laboratory University of Oregon.
CSC 360- Instructor: K. Wu Overview of Operating Systems.

CSC 360- Instructor: K. Wu Overview of Operating Systems.
Embedded Streaming Media with GStreamer and BeagleBoard ESC-228 Presented by Santiago Nunez santiago.nunez (at) ridgerun.com.

Embedded Streaming Media with GStreamer and BeagleBoard ESC-228 Presented by Santiago Nunez santiago.nunez (at) ridgerun.com.
Chapter 2 Operating System Overview Operating Systems: Internals and Design Principles, 6/E William Stallings.

Chapter 2 Operating System Overview Operating Systems: Internals and Design Principles, 6/E William Stallings.
Datorteknik IOControl bild 1 Input/Output Interface Address bus Data bus Control bus fffffffc Addr DE...Mem 1 Keyboard address decoder Mem n address decoder.

Datorteknik IOControl bild 1 Input/Output Interface Address bus Data bus Control bus fffffffc Addr DE...Mem 1 Keyboard address decoder Mem n address decoder.
Last update: August 9, 2002 CodeTest Embedded Software Verification Tools By Advanced Microsystems Corporation.

Last update: August 9, 2002 CodeTest Embedded Software Verification Tools By Advanced Microsystems Corporation.
1 Capturing & Analyzing Network Traffic: tcpdump/tshark and Wireshark EE 122: Intro to Communication Networks Vern Paxson / Jorge Ortiz / Dilip Anthony.

1 Capturing & Analyzing Network Traffic: tcpdump/tshark and Wireshark EE 122: Intro to Communication Networks Vern Paxson / Jorge Ortiz / Dilip Anthony.
Tools for Investigating Graphics System Performance

Tools for Investigating Graphics System Performance
Processes CSCI 444/544 Operating Systems Fall 2008.

Processes CSCI 444/544 Operating Systems Fall 2008.
1 Host Based Intrusion Detection: Analyzing System Logs Bob Winding, Vikram Ahmed University of Notre Dame 12/13/2006.

1 Host Based Intrusion Detection: Analyzing System Logs Bob Winding, Vikram Ahmed University of Notre Dame 12/13/2006.
OS Fall ’ 02 Introduction Operating Systems Fall 2002.

OS Fall ’ 02 Introduction Operating Systems Fall 2002.
Visual Studio 2010 SharePoint Developer Tools. Developer Tools for SharePoint  Familiar VS Experience  Build, Debug, Deploy SharePoint projects  Visual.

Visual Studio 2010 SharePoint Developer Tools. Developer Tools for SharePoint  Familiar VS Experience  Build, Debug, Deploy SharePoint projects  Visual.
Tcpdump Tutorial EE122 Fall 2006 Dilip Antony Joseph, Vern Paxson, Sukun Kim.

Tcpdump Tutorial EE122 Fall 2006 Dilip Antony Joseph, Vern Paxson, Sukun Kim.
OS Spring’03 Introduction Operating Systems Spring 2003.

OS Spring’03 Introduction Operating Systems Spring 2003.
SharePoint 2010 Business Intelligence Module 3: Business Intelligence Center.

SharePoint 2010 Business Intelligence Module 3: Business Intelligence Center.
V-1 University of Washington Computer Programming I File Input/Output © 2000 UW CSE.

V-1 University of Washington Computer Programming I File Input/Output © 2000 UW CSE.
Advanced Web Debugging with Fiddler Eric Lawrence Program Manager Internet Explorer Note: Session includes demos and code samples.

Advanced Web Debugging with Fiddler Eric Lawrence Program Manager Internet Explorer Note: Session includes demos and code samples.
Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.

Testing Tools. Categories of testing tools Black box testing, or functional testing Testing performed via GUI. The tool helps in emulating end-user actions.

Similar presentations

Ads by Google