
How to Install Sysdig from the Source Code

Loris Degioanni edited this page Jul 16, 2014 · 37 revisions

NOTE: sysdig can be compiled under Linux, OSX and Windows, but only the Linux version is capable of capturing events and doing live analysis. On the other platforms, you will be limited to working with the trace files generated by a Linux installation of sysdig.

Linux and OSX

Requirements

  • GCC/G++ > 4.4 (Linux) or Clang (for OSX)
  • Linux kernel headers
  • CMake > 2.8.2
  • For Linux, the following kernel options must be enabled (usually they are, unless a custom-built kernel is used):
      • CONFIG_TRACEPOINTS
      • CONFIG_HAVE_SYSCALL_TRACEPOINTS
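
The two kernel options above can be checked before starting a build. The following is an added example, not part of the original page or the sysdig sources. It assumes the running kernel's configuration is readable at /boot/config-$(uname -r) or /proc/config.gz, and the function names are made up for this illustration.

```shell
#!/bin/sh
# Added example (not from the sysdig project): verify the kernel options
# the requirements list names before building the driver.
REQUIRED_OPTS="CONFIG_TRACEPOINTS CONFIG_HAVE_SYSCALL_TRACEPOINTS"

# Print a kernel config file on stdout, decompressing it if it ends in .gz.
read_kconfig() {
    case "$1" in
        *.gz) gzip -dc "$1" ;;
        *)    cat "$1" ;;
    esac
}

# Print every required option that is not set to "y" in the given config.
# Returns 0 if all are enabled, 1 if any is missing, 2 if the file is unreadable.
missing_kernel_opts() {
    cfg=$1
    [ -r "$cfg" ] || { echo "cannot read kernel config: $cfg" >&2; return 2; }
    rc=0
    for opt in $REQUIRED_OPTS; do
        # Only an exact "OPT=y" line counts; "# OPT is not set", "OPT=m"
        # and an absent line are all reported as missing.
        if ! read_kconfig "$cfg" | grep -q "^${opt}=y\$"; then
            echo "$opt"
            rc=1
        fi
    done
    return $rc
}

# Locate the running kernel's config (assumed locations, see lead-in).
find_kconfig() {
    for f in "/boot/config-$(uname -r)" /proc/config.gz; do
        [ -r "$f" ] && { echo "$f"; return 0; }
    done
    return 1
}
```

Typical use after sourcing the file is missing_kernel_opts "$(find_kconfig)", which prints nothing and returns 0 when both options are enabled.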

Installation Instructions

  1. Download the sysdig GitHub repository to your local machine
  2. From the command line, navigate to the sysdig repository on your local machine
  3. Run the following commands:
mkdir build
cd build
cmake ..
make
make install

This installs only sysdig and the chisels. The compiled kernel module (needed for live capture and built on Linux only) stays in build/driver/sysdig-probe.ko, and can be loaded manually with insmod. To install the driver into the current kernel's modules directory, run (as root):

make install_driver

Build options

To manually specify the installation target directory, use:

cmake -DCMAKE_INSTALL_PREFIX=/my/prefix ..

By default the make target will compile the kernel module as well. If you prefer to not do that (e.g. you're not interested in the live capture feature or you are making a package), then you can do:

cmake -DBUILD_DRIVER=OFF ..

By default the bundled version of LuaJIT will be built and linked statically. If you prefer to use the system one, then you can do:

cmake -DUSE_BUNDLED_LUAJIT=OFF ..

Or, if LuaJIT is installed in a non-standard path:

cmake -DUSE_BUNDLED_LUAJIT=OFF -DLUAJIT_PREFIX=/opt/superluajit ..

By default the bundled version of JsonCpp will be built and linked statically. If you prefer to use the system one, then you can do:

cmake -DUSE_BUNDLED_JSONCPP=OFF ..

Or, if JsonCpp is installed in a non-standard path:

cmake -DUSE_BUNDLED_JSONCPP=OFF -DJSONCPP_PREFIX=/opt/superjson ..

By default the bundled version of zlib will be built and linked statically. If you prefer to use the system one, then you can do:

cmake -DUSE_BUNDLED_ZLIB=OFF ..

Or, if zlib is installed in a non-standard path:

cmake -DUSE_BUNDLED_ZLIB=OFF -DZLIB_PREFIX=/opt/superzlib ..

If you plan on making changes to the sysdig code, it can be handy to compile everything in debug mode, so that assertions are enabled and can save you some time troubleshooting issues:

cmake -DCMAKE_BUILD_TYPE=Debug ..

Windows

Requirements

  • Windows 7 SP1 (x86 and x64) or higher
  • Visual Studio Express 2013 for Windows Desktop (download page)
  • cmake for Windows (download page)

Installation Instructions

  1. Download the sysdig GitHub repository to your local machine
  2. Open a Developer Command Prompt and navigate to the sysdig repository on your local machine
  3. Run the following commands:
md build
cd build
cmake -G "Visual Studio 12" ..
msbuild sysdig.sln /p:Configuration=Release

The previous steps compile sysdig as a 32-bit executable. If you want to build a 64-bit executable, replace the third command with:

cmake .. -G"Visual Studio 12 Win64"

If you plan on making changes to the sysdig code, it can be handy to compile everything in debug mode, so that assertions are enabled and can save you some time troubleshooting issues:

msbuild sysdig.sln /p:Configuration=Debug