the event information captured by sysdig is incomplete，and the evt.num is not consecutive？

draios / sysdig

Linux system exploration and troubleshooting tool with first class support for containers

http://www.sysdig.com/

Other

7.79k stars 728 forks source link

the event information captured by sysdig is incomplete，and the evt.num is not consecutive？ #2117

Closed KSGJ-CLOUD closed 4 months ago

KSGJ-CLOUD commented 5 months ago

I run sysdig in the terminal，but these event information is incomplete，that's why？ sysdig version：0.38.0-rc1 system：

therealbobo commented 4 months ago

The evt.num seems consecutive to me 🤔 The data captured by sysdig is limited to the snaplen setting which is 80 byte by default. If you need to capture more you can use the --snaplen option and accordingly set the snaplen with your needs. 😄