Today hell has frozen over. Microsoft has made available Sysinternals Procmon for Linux, shipping ready-to-use packages for Ubuntu 18.04.
Process Monitor is a monitoring tool for Windows that shows live file, Registry and process/thread activity. It is a relatively new tool that combines two older Sysinternals utilities, Filemon and Regmon. The tool displays in real-time all file system activity on a Microsoft Windows operating system.
On Windows, Process Monitor can be used to track registry and file system changes done by a process. It supports a huge number of filters, and allows exporting the collected data to a file. It is the Swiss knife for an advanced user.
SysInternals Procmon on Linux
Microsoft has ported Procmon to Linux under MIT license. The project is now on GitHub.
Process Monitor (Procmon) is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.
As system requirements, Microsoft mentions the following:
- Minimum OS:
- Ubuntu 18.04 lts
-
cmake>= 3.13 (build-time only) -
libsqlite3-dev>= 3.22 (build-time only)
On Github, you will also find build instructions for enthusiasts.
Definitely, porting Procmon to Linux is one of the least expected moves from Microsoft. It will take some time to see how useful it is, and analyze if it is better than the good old htop and strace tools.
Support us
Winaero greatly relies on your support. You can help the site keep bringing you interesting and useful content and software by using these options:
If you like this article, please share it using the buttons below. It won't take a lot from you, but it will help us grow. Thanks for your support!
Advertisеment
