{"id":13467626,"url":"https://github.com/draios/sysdig-inspect","last_synced_at":"2025-06-19T07:14:28.792Z","repository":{"id":25720827,"uuid":"94378587","full_name":"draios/sysdig-inspect","owner":"draios","description":"Sysdig Inspect - A powerful opensource interface for container troubleshooting and security investigation","archived":false,"fork":false,"pushed_at":"2025-05-06T01:34:37.000Z","size":19865,"stargazers_count":987,"open_issues_count":70,"forks_count":71,"subscribers_count":115,"default_branch":"dev","last_synced_at":"2025-05-06T02:30:48.656Z","etag":null,"topics":["containers","docker","kubernetes","linux","sysdig","troubleshooting"],"latest_commit_sha":null,"homepage":"https://www.sysdig.org/","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/draios.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2017-06-14T22:40:11.000Z","updated_at":"2025-05-04T04:05:42.000Z","dependencies_parsed_at":"2023-01-14T07:00:57.927Z","dependency_job_id":"fd9061a6-7051-4d67-b5d1-bbb7fdef8f6a","html_url":"https://github.com/draios/sysdig-inspect","commit_stats":null,"previous_names":[],"tags_count":26,"template":false,"template_full_name":null,"purl":"pkg:github/draios/sysdig-inspect","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/draios%2Fsysdig-inspect","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/draios%2Fsysdig-inspect/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/draios%2Fsysdig-inspect/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/draios%2Fsysdig-inspect/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/draios","download_url":"https://codeload.github.com/draios/sysdig-inspect/tar.gz/refs/heads/dev","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/draios%2Fsysdig-inspect/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":260705942,"owners_count":23049498,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containers","docker","kubernetes","linux","sysdig","troubleshooting"],"created_at":"2024-07-31T15:00:58.624Z","updated_at":"2025-06-19T07:14:23.763Z","avatar_url":"https://github.com/draios.png","language":"JavaScript","funding_links":[],"categories":["JavaScript","Install from Source","Container Security"],"sub_categories":["Troubleshooting","Runtime Security"],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg src=\"/public/assets/images/sysdig-inspect-logo-color-620x96.png\" alt=\"Sysdig Inspect\" /\u003e\n\u003c/p\u003e\n\n---\n\n[Sysdig Inspect](https://sysdig.com/blog/sysdig-inspect) is a powerful opensource interface for container troubleshooting and security investigation\n\nInspect's user interface is designed to intuitively navigate the data-dense sysdig captures that contain granular system, network, and application activity of a Linux system. Sysdig Inspect helps you understand trends, correlate metrics and find the needle in the haystack. It comes packed with features designed to support both performance and security investigations, with deep container introspection.\n\nTo use Sysdig Inspect, you need capture files collected on Linux with [sysdig](https://github.com/draios/sysdig).\n\nWhere to start?\n---\n**Sysdig Inspect container**\n\nSysdig Inspect is available as Docker container image.\n\n```\ndocker run -d -v /local/path/to/captures:/captures -p8080:3000 sysdig/sysdig-inspect:latest\n```\n\nSysdig Inspect will be available in your browser at http://localhost:8080!\n\nFor more information, check out the [Sysdig Inspect repository on Docker Hub](https://hub.docker.com/r/sysdig/sysdig-inspect).\n\n\n**Sysdig Inspect desktop**\n\nHere are the installers available for the latest version:\n\n* MacOS installer: https://setns.run/install-inspect\n* Windows installer: https://setns.run/install-inspect-windows\n* Linux installer (RPM version): https://setns.run/install-inspect-rpm\n* Linux installer (DEB version): https://setns.run/install-inspect-deb\n\nYou can check the changelog at https://github.com/draios/sysdig-inspect/releases.\n\n\nMain Features\n---\n**Instant highlights**\n\n![Instant Highlights](/assets/screenshots/Sysdig-Inspect-1.png)\n\nThe overview page offers an out of the box, at a glance summary of the content of the capture file. Content is organized in tiles, each of which shows the value of a relevant metric and its trend. Tiles are organized in categories to surface useful information more clearly and are starting point for investigation and drill down.\n\n**Sub-second microtrends and metric correlation**\n\n![Sub-second microtrends and metric correlation](/assets/screenshots/Sysdig-Inspect-2.png)\n\nOnce you click on a tile, you will see the sub-second trend of the metric shown by the tile. Yes, sub-second. You will be amazed at how different your system, containers and applications look at this level of granularity.  Multiple tiles can be selected to see how metrics correlate to each other and identify hot spots.\n\n**Intuitive drill-down-oriented workflow**\n\n![Intuitive drill-down-oriented workflow](/assets/screenshots/Sysdig-Inspect-3.png)\n\nYou can drill down into any tile to see the data behind it and start investigating. At this point you can either use the timeline to restrict what data you are seeing, or further drill down by double clicking on any line of data. You will be able to see processes, files, network connections and much more.\n\n**Payloads and system calls visualization**\n\n![Payloads and system calls visualization](/assets/screenshots/Sysdig-Inspect-4.png)\n\nEvery single byte of data that is read or written to a file (provided the appropriate `--snaplen` parameter is used while creating the capture), to a network connection to a pipe is recorded in the trace file and Sysdig Inspect makes it easy to observe it. Do you need to troubleshoot an intermittent network issue or determine what a malware wrote to the file system? All the data you need is there. And, of course, you can switch at any time into sysdig mode and look at every single system call.\n\nCollecting \u0026 Loading Captures\n---\n**Creating a capture file**\nSysdig Inspect works with capture files that have been collected by [sysdig](https://github.com/draios/sysdig) on a Linux system. The [sysdig user guide](https://github.com/draios/sysdig/wiki/Sysdig-User-Guide) contains a nice introduction to the tool and includes many examples that can guide you through the command line and filtering syntax.\n\nAs a very easy quick start, here's how to capture all of the system events on a Linux box with sysdig:\n\n`sudo sysdig -w filename.scap`\n\n**Example Trace files**\n[502 Error](https://github.com/draios/sysdig-inspect/blob/master/capture-samples/502Error.scap) Troubleshooting an HAProxy 502\n[404 Error](https://github.com/draios/sysdig-inspect/blob/master/capture-samples/404Error.scap) Troubleshooting a 404 error from a leaky file\n\nJoin the Community\n---\n\n* Join our [Public Slack](https://slack.sysdig.com) channel for announcements discussions, and help\n* Follow us on [Twitter](https://twitter.com/sysdig)\n* This is our [blog](https://sysdig.com/blog/sysdig-inspect). There are many like it, but this one is ours.\n\nLicense Terms\n---\nSysdig is licensed to you under the [GPL 2.0](https://github.com/draios/sysdig/blob/dev/COPYING) open source license.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdraios%2Fsysdig-inspect","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdraios%2Fsysdig-inspect","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdraios%2Fsysdig-inspect/lists"}