Sysdig is an open source Linux system troubleshooting tool: capture system state and activity from a running Linux instance, then save, filter and analyze it. Think of it as strace + tcpdump + lsof + awesome sauce. With a little Lua cherry on top.
Sysdig was born from a team’s constant frustration. System-level troubleshooting is just way more of a pain than it should be — especially in distributed, virtualized, and cloud-based environments. So they took the lessons they learned while building network monitoring tools like WinPCap and Wireshark and created a new kind of system troubleshooting tool for Linux.
Sysdig captures system calls and other system-level events using a Linux kernel facility called tracepoints, which means much less overhead than strace.
It then “packetizes” this information, so that you can save it into trace files and filter it, a bit like you would do with tcpdump. This makes it very flexible for exploring what processes are doing.
Sysdig also comes packed with a set of scripts that make it easier to extract useful information and troubleshoot.
 
