Using Sysdig
Before we look at how to use Sysdig, let's launch a few containers using docker-compose by running the following commands:
cd /monitoring_docker/chapter05/wordpress/
docker-compose up -d
This will launch a WordPress installation running a database and two web server containers that are load balanced using an HAProxy container. You will be able to view the WordPress installation at http://docker.media-glass.es/ once the containers have launched. You will need to enter some details to create the admin user before the site is visible; follow the on-screen prompts to complete these steps.
The basics
At its core, Sysdig is a tool for producing a stream of data; you can view the stream by typing the following command (to quit, press Ctrl+C):
sudo sysdig
There is a lot of information there, so let's start to filter the stream down by running the following command:
sudo sysdig evt.type=chdir
This will display only events in which a user changes directory; to see it in action, open a second terminal and you will see that...
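The filtered stream can also be consumed by a script. The following is an added example, not code from the original text: it parses lines in Sysdig's default output format and reports successful directory changes into a watched location. The sample lines, the watch list and the function names are constructed for illustration, and paths containing spaces are not handled.

```python
import re

# Sysdig's default output line has the form:
#   evt.num evt.time evt.cpu proc.name (thread.tid) evt.dir evt.type evt.args
LINE_RE = re.compile(
    r"^(?P<num>\d+) (?P<time>\S+) (?P<cpu>\d+) (?P<proc>.+?) "
    r"\((?P<tid>-?\d+)\) (?P<dir>[<>]) (?P<type>\S+) ?(?P<args>.*)$"
)

# Constructed sample of `sudo sysdig evt.type=chdir` output (not a real capture).
SAMPLE = """\
4021 10:15:02.118230114 0 bash (2211) > chdir
4022 10:15:02.118241907 0 bash (2211) < chdir res=0 path=/tmp
4310 10:15:09.402118455 1 bash (2211) > chdir
4311 10:15:09.402131002 1 bash (2211) < chdir res=-2(ENOENT) path=/nonexistent
4877 10:15:20.930017731 0 sh (3050) > chdir
4878 10:15:20.930025310 0 sh (3050) < chdir res=0 path=/etc/ssh
"""

WATCHED = ("/etc", "/root", "/var/lib/docker")  # assumed watch list


def parse_chdir(text):
    """Return one dict per completed chdir call (exit events only)."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m or m["type"] != "chdir" or m["dir"] != "<":
            continue  # enter events (">") carry no arguments
        args = dict(a.split("=", 1) for a in m["args"].split() if "=" in a)
        events.append({
            "time": m["time"],
            "proc": m["proc"],
            "tid": int(m["tid"]),
            "ok": args.get("res") == "0",  # non-zero res means the call failed
            "path": args.get("path", ""),
        })
    return events


def watched_changes(events, watched=WATCHED):
    """Successful changes into a watched directory or anything beneath it."""
    return [
        e for e in events
        if e["ok"] and any(e["path"] == w or e["path"].startswith(w + "/") for w in watched)
    ]
```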