A Linux version of the Procmon Sysinternals tool
- Procmon is a Linux tool inspired by the Windows Sysinternals Procmon, designed to trace syscall activity.
- Supports Ubuntu 18.04 LTS and requires cmake >= 3.14 and libsqlite3-dev >= 3.22 for building.
- Usage options: monitor specific processes (-p), trace specific syscalls (-e), run in headless mode (-c), and open a trace file (-f).
- Example commands are provided for tracing all processes, specific PIDs, and specific syscalls, as well as for headless logging.
- Community engagement options: Stack Overflow, GitHub feature requests, bug reports, and contributions.
- Contribution guidelines cover building from source, development workflow, coding standards, and pull requests.
- Licensed under the MIT License, copyright Microsoft Corporation.