Something that is really cool about Sysinternals tools is that they have a pretty usable GUI (granted, once you understand what each UI icon does). Mimicking this experience in the TUI/terminal would certainly be a challenge. I would love to have a Procmon and ProcessExplorer equivalent with the GUI on Linux and macOS.
I'm not familiar with the Windows version of ProcMon, but judging by the Linux version, that looks like it's primarily replicating the function of `strace` in a CLI GUI. Worth reading Joe Damato's excellent article on strace: https://blog.packagecloud.io/eng/2016/02/29/how-does-strace-work/
Sorta related: If y’all haven’t used netdata - wow - it blew my socks off last night. I have it installed on all my hosts now and it’s already helping me diagnose a redis bgsave issue that I didn’t realize existed. Really well put together software.
Because Ubuntu 18.04 is used for the development environment, it relies on pretty old dependencies. Bug report: https://github.com/Sysinternals/ProcMon-for-Linux/issues/44
While I see a lot of comparisons to htop, I wonder how this compares to sysdig? I’ve found sysdig to be an invaluable Swiss Army knife for debugging performance issues; the only difficult part is finding the right documentation among the cloud offering of the same name.
I've been looking at a few eBPF tracing implementations around GitHub recently to try and get my head round it, and this codebase has to be one of the best documented (if not best written) examples out there. Kudos.
Even though I basically never use procmon on Windows, Sysinternals on Linux could be useful, especially with the same GUI as on Windows. It would be great to see autoruns and tcpview on Linux.