Procmon Process Monitor for Linux – Microsoft Sysinternals Suite

Procmon (Process Monitor) is a free and open source syscall activity tracer for Linux. It is a reimagining of the classic Windows Procmon tool from the Sysinternals suite, which Microsoft has now brought to Linux users. You can use it to trace system calls and signals. It is still in the preview stage and is released under the MIT License.


Install Procmon for Linux on Ubuntu

Open the terminal application and run the commands below one by one. This method works on Ubuntu 18.04 and 20.04.

wget -q https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt update
sudo apt-get install procmon

After the installation, you can run Procmon for Linux with the following command in the terminal.

sudo procmon

Complete usage details.


Usage: procmon [OPTIONS]
OPTIONS
-h/--help Prints this help screen
-p/--pids Comma separated list of process ids to monitor
-e/--events Comma separated list of system calls to monitor
-c/--collect [FILEPATH] Option to start Procmon in a headless mode
-f/--file FILEPATH Open a Procmon trace file
