Procmon comes to Linux from Microsoft

Talking about Procmon, Process Explorer and other Sysinternals tools is, for many, remembering a set of very veteran tools and that, for quite a few years they have been the perfect complement to Windows, since they offer us a much deeper approach to certain elements of the system that, only with the tools and functions included in the operating system, are not accessible. Or, at least, they are not as simple and adequate as with these programs.

And beware, I understand that it is a fairly general opinion, so much that those of Redmond ended up acquiring Sysinternals back in 2009, in what some thought was a movement to end Procmon, File Explorer and others, but in which other people wanted to see good intentions from Microsoft. I personally admit that I came to think that perhaps they would even be included natively in the operating system. Over time, I must admit, I became optimistic.

All Sysinternals applications, however, are still up-to-date and regularly updated. Microsoft not only has not finished them, but has enriched the catalog of Sysinternals, now Windows Sysinternals, with new and interesting tools. Most of them, like Procmon, focus on monitoring system elements, many of them are quite well documented and, in line with what their creators originally offered, they are still free. You can download the Windows Sysinternals suite from this page.

And today we have known, by Beta News, that Microsoft not only continues taking care of these tools, no, but also plans to expand its horizons. How? Well posting, on GitHub, yes, the open source platform they acquired a few years ago, a Procmon version for Linux and under MIT License.

It is not, strictly speaking, exactly the same Procmon available for Windows, yes. This is the description given by those responsible for the project on their GitHub page: «Process Monitor (Procmon) is a Linux reinvention of the classic Procmon tool from the Sysinternals toolset for Windows. Procmon provides a convenient and efficient way for Linux developers to track syscall activity on the system«. It should be understood, therefore, that it does not start from the same code, although it does reproduce the same functions or, at least, the most important ones.

Those responsible for this port Procmon to Linux ask the community for as much feedback as possible: questions about the software through StackOverflow, request for new functions, participating in the voting of the most popular functions … there are many elements that suggest that, at least in principle, it is a project that we can hope to have certain route. And what’s more, even (if Microsoft’s plans go well, of course) I would not rule out that, over time, this version of Process Monitor will evolve so much as to surpass its predecessor, which it could even eventually replace at some point.







Leave a Reply

Your email address will not be published. Required fields are marked *