ProcMon-for-Linux by Microsoft is an open-source port of the legendary Windows Sysinternals Process Monitor, adapted for Linux environments. It captures and displays real-time syscall activities—alongside process/thread details—in an interactive terminal interface. With filtering capabilities, full thread stack capture, logging to SQLite, and event replay, it offers powerful visibility into system behavior. Currently distributed as a preview release (up to v2.0 on Linux), it supports Ubuntu 18.04 kernels 4.18–5.3 with plans to expand compatibility across more distributions.
Features
- Real-time syscall and process tracing
- Non-destructive filters to focus on relevant events
- Full thread stack capture for each syscall
- Log and replay events via SQLite trace files
- Headless mode with log export (e.g. procmon -c file.db)
- Interactive TUI for analysis and event filtering
Project Samples
Categories
SystemLicense
MIT LicenseFollow ProcMon for Linux
You Might Also Like
Gen AI apps are built with MongoDB Atlas
MongoDB Atlas is the developer-friendly database used to build, scale, and run gen AI and LLM-powered apps—without needing a separate vector database. Atlas offers built-in vector search, global availability across 115+ regions, and flexible document modeling. Start building AI apps faster, all in one place.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of ProcMon for Linux!