Captures

Sysdig capture files contain system calls and other OS events that can be analyzed with either the open-source sysdig or csysdig (curses-based) utilities, and are displayed in the Captures module.

The Captures module contains a table listing the capture file name, the host it was retrieved from, the time frame, and the size of the capture. When the capture file status is uploaded, the file has been successfully transmitted from the Sysdig agent to the storage bucket, and is available for download and analysis.

Store Capture Files

Sysdig capture files are stored in Sysdig’s AWS S3 storage (for SaaS environments), or in the Cassandra DB (for on-premises environments) by default.

To use your own AWS S3 storage bucket, see Storage: Configure Options for Capture Files.
On-premises installations also have the option to use an AWS-compatible custom storage, such as Minio or IBM Cloud Object Storage, See (On-Prem) Configure Custom S3 Endpoint.

Topics in This Section

Configure Sysdig Captures

Review a Capture File

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.