If you’re a Windows admin migrating to Linux in your data centers, you’ll be happy to know Procmon is now available to install on Ubuntu Server. Jack Wallen shows you how.
The Procmon command is a tool, usually found on Windows, that displays real-time data from the Registry, as well as process and thread activity. This process monitor's features include:
Thread stack and process detail capture
Boot time operation logging
It should come as no surprise to anyone (who’s been paying attention) that the Windows Procmon command has come over to the Linux platform, which could be a real boon for your data center. At the moment, the tool is only available for Ubuntu 18.04 running kernels between 4.18 and 5.3, and requires Cmake 3.14 or newer and libsqlite3-dev 3.22 or newer.
I want to walk you through the process of installing Procmon on Ubuntu Server 18.04.
What you’ll need
A running instance of Ubuntu Server 18.04
A user with sudo privileges
How to install the dependencies
In order to successfully install Procmon, you’ll need to first install the necessary dependencies. Log in to your server, open a terminal window, and issue the command:
sudo apt-get install bison build-essential flex git libedit-dev libllvm6.0 llvm-6.0-dev libclang-6.0-dev python zlib1g-dev libelf-dev cmake -y
Next we need to build bcc. For this we’ll turn to git. Clone the bcc source with the command:
git clone --branch tag_v0.10.0 https://github.com/iovisor/bcc.git
Next, create a build directory with the command:
Change into the new directory with the command:
Compile the source with the command:
cmake .. -DCMAKE_INSTALL_PREFIX=/usr
When the above command completes, issue the command:
The above command will take considerable time to complete (5-20 minutes, depending on the speed of your hardware). Finally, install bcc with the command:
sudo make install
How to install the latest version of Cmake
We now need to install Cmake version 3.14. The easiest way to do that is via snap. First, remove the current version of Cmake with the commands:
sudo apt-get remove --purge cmake -y
hash -r
Install the latest version of Cmake with the command:
sudo snap install cmake --classic
Once that completes, you can continue on with building Procmon.
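Before building, it is worth confirming that the host actually meets the requirements listed earlier (Ubuntu 18.04, the supported kernel range, Cmake 3.14 or newer, libsqlite3-dev 3.22 or newer). The script below is an added example, not part of the original article or the Procmon project; the function names and the --check flag are made up for illustration, and the bounds are variables at the top, with the kernel floor set to 4.18.

```shell
#!/usr/bin/env bash
# Added example: preflight check for the requirements this article lists.
# Bounds are assumptions taken from the article text; kernel floor set to 4.18.
MIN_KERNEL="4.18"; MAX_KERNEL="5.3"; MIN_CMAKE="3.14"; MIN_SQLITE="3.22"

# Strip a dpkg epoch and any suffix: "1:3.22.0-1ubuntu0.4" -> "3.22.0".
# Prints nothing when the input does not start with a number.
numeric_prefix() {
  printf '%s\n' "$1" | sed -nE 's/^[0-9]+://; s/^([0-9]+(\.[0-9]+)*).*/\1/p'
}

# version_ge A B: true when A >= B in version order (sort -V), so 3.9 < 3.14.
# An empty A (tool or package not installed) is always false.
version_ge() {
  [ -n "$1" ] && [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n1)" = "$2" ]
}

# kernel_in_range RELEASE: compare major.minor only, so 5.3.0-62 counts as 5.3.
kernel_in_range() {
  local mm
  mm="$(numeric_prefix "$1" | cut -d. -f1,2)"
  version_ge "$mm" "$MIN_KERNEL" && version_ge "$MAX_KERNEL" "$mm"
}

preflight() {
  local fail=0 rel kern cm sq
  rel="$(. /etc/os-release 2>/dev/null && printf '%s' "$VERSION_ID")"
  kern="$(uname -r)"
  cm="$(cmake --version 2>/dev/null | awk 'NR==1 {print $3}')"
  sq="$(dpkg-query -W -f='${Version}' libsqlite3-dev 2>/dev/null)"
  [ "$rel" = "18.04" ] || { echo "FAIL: Ubuntu ${rel:-unknown}, expected 18.04"; fail=1; }
  kernel_in_range "$kern" ||
    { echo "FAIL: kernel $kern outside $MIN_KERNEL-$MAX_KERNEL"; fail=1; }
  version_ge "$(numeric_prefix "$cm")" "$MIN_CMAKE" ||
    { echo "FAIL: cmake ${cm:-missing}, need >= $MIN_CMAKE"; fail=1; }
  version_ge "$(numeric_prefix "$sq")" "$MIN_SQLITE" ||
    { echo "FAIL: libsqlite3-dev ${sq:-missing}, need >= $MIN_SQLITE"; fail=1; }
  [ "$fail" -eq 0 ] && echo "OK: requirements met"
  return "$fail"
}

# Run the checks only when asked, so the functions can also be sourced.
if [ "${1:-}" = "--check" ]; then preflight; fi
```

Run it with the --check argument. libsqlite3-dev is named as a requirement but does not appear in the apt-get dependency line above, so that check will fail until the package is installed.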
How to build Procmon
We can now clone Procmon and build it. Clone the source with the command:
git clone https://github.com/Microsoft/Procmon-for-Linux
Change into the newly-created directory with the command:
Create a build directory with the command:
Change into that newly created directory with the command:
Compile and build with the following two commands:
cmake ..
make
Build the package with the command:
Finally, install Procmon with the command:
sudo dpkg -i procmon*.deb
When the installation completes, you can begin running Procmon. For example, you could follow all processes and system calls with the command:
And that’s all there is to installing the Microsoft Procmon command on Ubuntu Server 18.04. For those admins who have used Procmon in the past, you now have a familiar tool in your Linux toolkit.