Linux Process Visualization



    Have you ever had to monitor the dependencies of the system processes, “who’s whose folder”, find the emperor and kill him so that the slaves do not respawn? You can ps'at and grep'at, you can drive lsof, because it is so exciting;) But it seems to me that any connections are always easier to analyze in visual form, console utilities draw good signs, but it’s not always possible to quickly understand that what is connected and in what sequence, and for diagnosis it is very important.

    lsof (abbreviated LiSt Open Files), with a certain dexterity, allows you to build graphs of the relationships between running systems, who uses which files, who communicates with whom over what protocol. On habr already there was an article about what useful tool lsof, but it did not say anything about the -F switch, which allows you to display information not in the form of a table, but as a sequence of separate lines that can be redirected to the input of another program for further processing.

    lsofgraph was written just for this -F, parsing such output is much more convenient than table output. Unfortunately, lsofgraph was written in Lua, but it doesn’t stand everywhere, so it was rewritten in python: lsofgraph-python

    The format is simple, and the code is clear enough, so we won’t stop there, but let us go into battle right away. For drawing we will use graphviz, namely, dot and unflatten included in its composition.

    If you want to get a complete picture of the system, then you will need to use sudo, but if there is enough information about the current account, you can do without sudo.

    To create a graph:

    sudo lsof -n -F | python lsofgraph.py | dot -Tjpg > /tmp/a.jpg

    I like running c unflatten more, then the chart somehow looks more compact and beautiful:

    sudo lsof -n -F | python lsofgraph.py | unflatten -l 1 -c 6 | dot -T jpg > /tmp/a.jpg

    If you don’t like jpg, then you can choose svg there ...
    Example of a graph on a fairly empty test virtual machine:



    I hope that this will be useful to someone anyway;)

    Also popular now: