Configure Sysdig Captures
Create a Capture File
To create a capture file:
Exploremodule, select a host or container.
Settings(ellipsis) drop-down menu, and select
Sysdig Capture. The
Sysdig Capturepop-up window will open.
Define the following parameters, and click the
Capture path and name
The name of the capture file. The default name includes the date and time stamp the capture was created.
The period of time captured. The default time is 15 seconds; the maximum capture time available is 24 hours. The capture file size limit is 100MB.
Sysdig recommends using the default time to ensure captures are small and manageable.
Restricts the amount of trace information collected. For more information, including examples of available filters, refer to the Sysdig Github page.
The storage location for the capture files. The default storage location is the Sysdig Cloud Amazon S3 bucket. To configure a custom S3 storage bucket, refer to Configure AWS Capture File Storage.
The Sysdig agent will be signaled to start a capture, and send back the
resulting trace file. The file will then be displayed in the
Download a Capture File
To download a capture file:
Capturesmodule, navigate to the target capture file.
Select the target capture file.
Click theDownloadbutton. A capture file will be automatically downloaded to your local machine.
Delete Capture Files
To delete a single capture file:
Capturesmodule, select the capture file to be deleted.
Deletebutton at the bottom of the
Keep Fileprompt, click the
Deletebutton to confirm, or the
Keep Filebutton to cancel.
To delete all capture files:
Capturesmodule, click the
Yes, Delete Capturesbutton to confirm, or the Cancel button.