Above all, this application scans the table of running processes, killing those that has exceeds a given CPU-time limit or has gone for lunch. Filtering of processes is optionally done on command name, ranging from absolute to fuzzy.
What is Procmon for GNU/Linux
On the official GitHub page for the project, Microsoft explains:
The Procmon is a Linux reimagining of the classic Procmon tool from the Sysinternals suite of tools for Windows. Procmon provides a convenient and efficient way for Linux developers to trace the syscall activity on the system.
How Procmon Works
When using it, you can specify the process IDs that you would like to monitor or specific system calls using the following arguments:
Usage: procmon [OPTIONS]
OPTIONS
-h/--help Prints this help screen
-p/--pids Comma separated list of process ids to monitor
-e/--events Comma separated list of system calls to monitor
-c/--collect [FILEPATH] Option to start Procmon in a headless mode
-f/--file FILEPATH Open a Procmon trace fileCode language: PHP (php)
Microsoft released the source code to their Procmon Linux version and is marked as a 1.0 preview release. Microsoft is also making available a Debian/Ubuntu package of this preview build.
Building Procmon for Linux
Since it is released as a preview, it is limited to systems running Ubuntu 18.04 with kernel 4.18 up to 5.3 at the time of writing. Several users tried to build or install the process monitor tool on Ubuntu 20.04 systems and failed.
Microsoft plans to add more configurations to the system requirements in the future to take these systems into account.
Installation instructions on Ubuntu 18.04 devices are straightforward. Run the following commands:
wget -q https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt-get update
sudo apt-get install procmonCode language: JavaScript (javascript)Unfortunately, Procmon cannot be compiled under WSL due to the lack of Kernel event tracing.
Conclusion
Linux already has several graphical and command-line process monitoring tools such as Top, Htop, and Stacer. However, Procmon is the freshly-baked official Linux version of the Windows Process Monitor tool.
It is a powerful system monitoring tool for advanced uses. In addition, the Linux version comes without the help file that the Windows version of Procmon includes.
