csysdig - Linux


csysdig is a command-line tool that provides deep visibility and analysis into system activity, including container and host-level resource utilization, performance, and security metrics. It empowers users to troubleshoot issues, optimize system performance, and monitor security threats.


csysdig [options] [command] [arguments]


  • -h, –help: Display help and usage information.
  • -v, –version: Print version information.
  • -l, –log-file : Specify a custom log file to write output.
  • -f, –follow: Continuously monitor and display output.
  • -t : Duration to run the command (eg. "1m" for 1 minute).
  • -r : Sampling rate in events per second.


Basic system monitoring:


Monitor container resource usage:

csysdig -f --container-id <container_id>

Analyze network activity:

csysdig -t 5m --filter-keyword="<ip_address>"

Troubleshoot performance issues:

csysdig -r 100000 --filter-type="cpu"

Common Issues

  • No output displayed: Ensure the system is running and csysdig has sufficient permissions.
  • High CPU usage: Reduce the sampling rate (-r option) to mitigate resource consumption.
  • Permission denied: Verify that you have root privileges or are using sudo.


Example script to monitor system performance and write logs:


# Monitor system activity for 5 minutes
csysdig -t 5m -l /var/log/csysdig.log

# Perform analysis
csysdig -l /var/log/csysdig.log -f --filter-type="cpu"

Related Commands

  • sysdig
  • sar
  • perf