Microsoft released a version of the company's ProcDump application for Linux. ProcDump is a long-standing command line utility by Sysinternals, maker of widely used applications such as AutoRuns, Process Explorer or Process Monitor.

ProcDump allows you to monitor processes for CPU spikes and have it generate crash dumps during spikes for analysis. The application supports other types of monitoring, including monitoring of windows that hang and unhandled exception monitoring. On top of all that, the program provides the functionality of a general purpose process dump utility.

Microsoft released the Linux version of ProcDump, called ProcDump for Linux, a couple of days ago on GitHub.

The minimum requirements right now are Ubuntu 14.04 LTS on desktop or server, gdb 7.7.1 or higher, and Linux kernel version 3.5 or higher. Microsoft notes that it is testing the program using other Linux distributions.


The GitHub page highlights installation on Ubuntu 14.04 and Ubuntu 16.04 versions. Microsoft offers instructions for package manager installations and .deb package installations.

Package Manager

Run the following commands:

  1. curl https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.gpg
  2. sudo mv microsoft.gpg /etc/apt/trusted.gpg.d/microsoft.gpg
  3. On Ubuntu 16.04: sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos...tu-xenial-prod xenial main" > /etc/apt/sources.list.d/microsoft.list'
  4. On Ubuntu 14.04: sudo sh -c 'echo "deb [arch=amd64] https://packages.microsoft.com/repos...tu-trusty-prod trusty main" > /etc/apt/sources.list.d/microsoft.list'
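
Steps 1 and 2 trust whatever key the download returns, and apt will then accept any package signed by it. One way to check the key's fingerprint before installing it, as an added example that is not part of the original article or of Microsoft's instructions; the function names are hypothetical, the sample listing is constructed, and the expected fingerprint must come from a separate trusted source:

```sh
#!/bin/sh
# Added example: verify an apt signing key's fingerprint before trusting it.
# Function names are hypothetical; the fingerprint below is a constructed sample.

# Normalise a fingerprint: drop spaces and colons, upper-case the hex digits.
normalize_fpr() {
    printf '%s' "$1" | tr -d ' :\n' | tr 'abcdef' 'ABCDEF'
}

# Read `gpg --with-colons` output on stdin. Succeed only if the first "fpr"
# record (the primary key; fingerprint is field 10) equals the expected value.
fpr_matches() {
    expected=$(normalize_fpr "$1")
    actual=$(awk -F: '$1 == "fpr" { print $10; exit }')
    [ -n "$expected" ] && [ "$actual" = "$expected" ]
}

# Constructed colon listing, shaped like gpg's output for a key file.
sample_listing() {
    printf '%s\n' \
        'pub:-:2048:1:89ABCDEF01234567:1400000000:::-:::scESC:' \
        'fpr:::::::::0123456789ABCDEF0123456789ABCDEF01234567:' \
        'uid:::::::::Constructed Sample Key <sample@example.invalid>:'
}

# Download the key, compare its fingerprint, and only then install it where
# step 2 puts it. Usage (arguments are placeholders):
#   install_verified_key KEY_URL EXPECTED_FPR /etc/apt/trusted.gpg.d/microsoft.gpg
install_verified_key() {
    url=$1 expected=$2 dest=$3
    tmp=$(mktemp) || return 1
    # Given a key file and no command, gpg lists the keys the file contains.
    if curl -fsSL "$url" -o "$tmp" &&
       gpg --with-colons --with-fingerprint "$tmp" 2>/dev/null |
           fpr_matches "$expected"
    then
        gpg --dearmor < "$tmp" | sudo tee "$dest" > /dev/null
        status=$?
    else
        echo "download failed or fingerprint mismatch; key not installed" >&2
        status=1
    fi
    rm -f "$tmp"
    return "$status"
}
```

The comparison fails closed: an empty download, unparsable key data or an empty expected value all leave the keyring untouched.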


.deb Package

Run the following commands:

  1. On Ubuntu 16.04: wget https://packages.microsoft.com/repos..._1.0_amd64.deb
  2. On Ubuntu 14.04: wget https://packages.microsoft.com/repos..._1.0_amd64.deb
  3. sudo dpkg -i procdump_1.0_amd64.deb
  4. sudo apt-get -f install


Using ProcDump on Linux

ProcDump does not support the same set of options as the Windows version.

"Usage: procdump [OPTIONS...] TARGET

-C CPU threshold at which to create a dump of the process from 0 to 200
-c CPU threshold below which to create a dump of the process from 0 to 200
-M Memory commit threshold in MB at which to create a dump
-m Trigger when memory commit drops below specified MB value.
-n Number of dumps to write before exiting
-s Consecutive seconds before dump is written (default is 10)

TARGET must be exactly one of these:
-p pid of the process
"

A couple of examples:

  • sudo procdump -p 1234: Create a core dump.
  • sudo procdump -n 3 -p 1234: Create three core dumps each 10 seconds apart from each other.
  • sudo procdump -C 65 -n 3 -p 1234: Create a core dump when CPU usage reaches 65% or higher, but wait at least 10 seconds between dumps.
  • sudo procdump -C 65 -M 100 -p 1234: Create a core dump when CPU usage is 65% or higher, or when Memory usage is higher than 100 Megabytes.