9. Sysdig Module

9.1. Prerequisite

Install the sysdig package (“sudo apt-get install sysdig sysdig dkms” on Ubuntu) or download it from www.sysdig.org

9.2. Installation

Nothing to do beside loading the sysdig kernel module (“sudo modprobe sysdig_probe”)

9.3. Usage

pfcount -i sysdig:

or in case you want to add a sysdig filter do:

pfcount -v 2 -i sysdig: -f "evt.type=open"