Microsoft releases an open source version of Sysmon (System Monitor) for Linux

While Microsoft builds applications and services designed to run on its own Windows operating systems, for years now the company has been embracing not only macOS but Linux as well. After putting the Windows Subsystem for Linux into the Windows 11 store, Microsoft has now released another of its tools for Linux users.

Microsoft has just published a Linux version of Sysmon, its Windows system monitoring tool. Sysmon is one of the tools in the Sysinternals collection maintained by Microsoft, and it lets users monitor systems for signs of suspicious activity that may have been introduced.

It is a highly configurable tool: system administrators can tune it to catch the specific kinds of activity that concern them.

About Sysmon (System Monitor)

For those unfamiliar with Sysmon: it is a program installed as a system service, and it stays active across subsequent reboots.

It monitors system activity and records it in the Windows event log, providing detailed information about process creation, network connections, and file creation and modification. By reviewing the events Sysmon generates on a given machine, an administrator can identify anomalous or malicious activity, understand how the system was used, and reconstruct how attackers operated on it.

The Linux version of Sysmon is far from the only tool of its kind, and it will have to work to get noticed in an already crowded field. It will, however, find followers among system administrators who already use Sysmon on Windows and have been waiting for a Linux port they can deploy on their other systems.

Anyone wanting to get started with the tool should know how to build Linux binaries, but that should not be an obstacle for its intended audience. For the occasion, Mark Russinovich, the creator of the suite, said that Sysinternals can now be downloaded via winget or the Microsoft Store. And, as noted, Sysmon has just been released for Linux, with its source code open.

How do you install Sysmon on Linux?

The Linux version requires SysinternalsEBPF to be installed first; after that the tool is built by the user. Instructions for this are on the Sysmon GitHub page.

For example, on Ubuntu the tool has a simple installation method; to install it, open a terminal and type the following (the lsb_release command needs the lsb-release package; the long apt install line pulls in the toolchain for building from source and is not needed when you only install the prebuilt sysmonforlinux package):

wget -q https://packages.microsoft.com/config/ubuntu/$(lsb_release -rs)/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
sudo dpkg -i packages-microsoft-prod.deb
sudo apt install build-essential gcc g++ make cmake libelf-dev llvm clang libxml2 libxml2-dev libzstd1 git libgtest-dev apt-transport-https dirmngr monodevelop googletest google-mock libjson-glib-dev

sudo apt-get update
sudo apt-get install sysmonforlinux

For Debian 11:

wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > microsoft.asc.gpg
sudo mv microsoft.asc.gpg /etc/apt/trusted.gpg.d/
wget -q https://packages.microsoft.com/config/debian/11/prod.list
sudo mv prod.list /etc/apt/sources.list.d/microsoft-prod.list
sudo chown root:root /etc/apt/trusted.gpg.d/microsoft.asc.gpg
sudo chown root:root /etc/apt/sources.list.d/microsoft-prod.list

sudo apt-get update
sudo apt-get install apt-transport-https
sudo apt-get update
sudo apt-get install sysmonforlinux

Or, for Fedora 34:

sudo rpm --import https://packages.microsoft.com/keys/microsoft.asc
sudo wget -q -O /etc/yum.repos.d/microsoft-prod.repo https://packages.microsoft.com/config/fedora/34/prod.repo
sudo dnf install sysmonforlinux

Once the installation completes, Sysmon for Linux starts logging system activity to /var/log/syslog (on distributions that ship no syslog file by default, such as Fedora, the same events end up in the systemd journal). Some of the events the tool captures on Windows are not available on Linux. The good news is that Sysmon can be configured to record only what the administrator considers relevant.

You can start the program and get a list of the available command line options. To do so, simply type:

sysmon -h

Then you accept the terms of use (the command runs as root, so prefix it with sudo) by typing:

sysmon -accepteula
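In practice the EULA step is combined with loading a configuration file, and the configuration is where "record only what the administrator considers relevant" happens. The following is an added example written for this article, not the project's own sample configuration: it keeps the three event types mentioned above (process creation, event ID 1; network connections, event ID 3; file creation, event ID 11) and filters each down to a small set of interesting cases. An include block records only matching events, an exclude block records everything except the matches. The schemaversion value, the daemon and tool names, and the paths are assumptions to adapt to the host (check which schema version your installed binary accepts, see sysmon -h).

```xml
<Sysmon schemaversion="4.81">
  <EventFiltering>
    <!-- Event ID 1, process creation. Each line is an independent rule
         (OR): record every program exec'd by a service daemon that should
         never launch children interactively, plus any use of the usual
         reverse-shell tooling, whoever the parent is. -->
    <RuleGroup name="" groupRelation="or">
      <ProcessCreate onmatch="include">
        <ParentImage condition="end with">/nginx</ParentImage>
        <ParentImage condition="end with">/apache2</ParentImage>
        <ParentImage condition="end with">/postgres</ParentImage>
        <Image condition="end with">/nc</Image>
        <Image condition="end with">/nc.openbsd</Image>
        <Image condition="end with">/ncat</Image>
        <Image condition="end with">/socat</Image>
      </ProcessCreate>
    </RuleGroup>

    <!-- Event ID 3, network connections. Record everything except the
         known noisy destinations (loopback, DNS). -->
    <RuleGroup name="" groupRelation="or">
      <NetworkConnect onmatch="exclude">
        <DestinationIp condition="is">127.0.0.1</DestinationIp>
        <DestinationPort condition="is">53</DestinationPort>
      </NetworkConnect>
    </RuleGroup>

    <!-- Event ID 11, file creation. Record only writes to locations used
         for persistence or for dropping tooling. -->
    <RuleGroup name="" groupRelation="or">
      <FileCreate onmatch="include">
        <TargetFilename condition="begin with">/etc/cron.d/</TargetFilename>
        <TargetFilename condition="begin with">/etc/systemd/system/</TargetFilename>
        <TargetFilename condition="begin with">/tmp/</TargetFilename>
        <TargetFilename condition="begin with">/dev/shm/</TargetFilename>
      </FileCreate>
    </RuleGroup>
  </EventFiltering>
</Sysmon>
```

Save it as sysmon-config.xml and install it together with the EULA acceptance: sudo sysmon -accepteula -i sysmon-config.xml. A later change to the file is applied with sudo sysmon -c sysmon-config.xml, and sudo sysmon -u removes the service again. Start with exclude blocks empty and include blocks narrow, then widen them after watching the volume in syslog for a day; a configuration that records everything is what makes Sysmon noisy and expensive.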

Sysmon is a powerful tool that has long been used on Windows to surface the causes of unusual behaviour observed at the application level or within the local network.

Finally, if you want to learn more about it, you can check the details at the following link.

