Sysinternals are very widely used tools from Microsoft in the Windows world, and now the ProcDump utility has been ported over to Linux as an Open Source project from Microsoft. ProcDump is a command-line (CLI) utility for monitoring an application for CPU spikes and generates crash dumps during the spike. An admin or developer can use these crash dumps to determine the cause of the spike. This tool was originally built for Windows, and now it’s available for use on Linux as well!

This is not a community port, but rather an official Open Source project from Microsoft. As such, this is the official Linux version of Sysinternals ProcDump created and maintained by Microsoft. Plus, it’s licensed under the MIT License.



Linux ProcDump Usage

Usage: procdump [OPTIONS...] TARGET
   OPTIONS
      -h          Prints this help screen
      -C          Trigger core dump generation when CPU exceeds or equals specified value (0 to 100 * nCPU)
      -c          Trigger core dump generation when CPU is less than specified value (0 to 100 * nCPU)
      -M          Trigger core dump generation when memory commit exceeds or equals specified value (MB)
      -m          Trigger core dump generation when when memory commit is less than specified value (MB)
      -T          Trigger when thread count exceeds or equals specified value.
      -F          Trigger when filedescriptor count exceeds or equals specified value.
      -I          Polling frequency in milliseconds (default is 1000)
      -n          Number of core dumps to write before exiting (default is 1)
      -s          Consecutive seconds before dump is written (default is 10)
      -d          Writes diagnostic logs to syslog
   TARGET must be exactly one of these:
      -p          pid of the process
      -w          Name of the process executable

Linux ProcDump Examples

Create core dump immediately:

sudo procdump -p 1234

Create 3 core dumps 10 seconds apart:

sudo procdump -n 3 -p 1234

Create 3 core dumps 5 seconds apart:

sudo procdump -n 3 -s 5 -p 1234

Create a core dump each time the process has CPU usage >= 65%, up to 3 times, with at least 10 seconds between each dump:

sudo procdump -C 65 -n 3 -p 1234

Create a core dump when CPU usage is outside the range [10,65]:

sudo procdump -c 10 -C 65 -p 1234

Download Sysinternals ProcDump for Linux

The Sysinternals ProcDump for Linux utility is licensed under MIT License, and available over in it’s GitHub repo: https://github.com/Microsoft/ProcDump-for-Linux



System Requirements

  • Minimum Operating System
    • Red Hat Enterprise Linux (RHEL) / CentOS 7
    • Fedora 29
    • Ubuntu 16.04 LTS
  • gdb >= 7.6.1
  • zlib (buil-time only)

Happy monitoring your process dumps and troubleshooting your apps!


Microsoft MVP

Chris is a Microsoft MVP and has 20 years of experience designing and building Cloud & Enterprise systems. He is also a Microsoft Certified: Azure Solutions Architect, developer, Microsoft Certified Trainer (MCT), and Cloud Advocate. He has a passion for technology and sharing what he learns with others to help enable them to learn faster and be more productive.