Photo by Cara Fuller on Unsplash

System Analysis with Stratoshark

Giving Chase

Article from ADMIN 91/2026
By
Wireshark is famous for providing insights into network issues, but it often has zero visibility on host systems. Stratoshark aims to eliminate this blind spot by analyzing system calls.

A computer uses various installed applications that often need to access external resources. For example, a web conferencing application needs access to the network and to sound devices. In contrast, a spreadsheet application needs to access hard drives, SSDs, or network drives. Of course, these applications do not inherently know on what mechanisms this access relies, which is where the operating system and system calls come into play.

The operating system knows the mechanisms for distinguishing between WiFi and Ethernet as well as between Bluetooth and wired headsets, removing the need for applications to take these differences into account themselves. To do so, the operating system offers a set of standardized functions, known as system calls (e.g., read(), write(), socket(), sendmsg()), that applications use to access these external devices or files. These functions play an important role when you need to investigate more closely how an application behaves in error situations or during security analyses – whether the application is accessing files or communicating on the network.
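To make the system call layer concrete, the following program is an added example (not code from the article or from the Stratoshark project) that performs the three kinds of access just described through the very calls the text names: file access with write() and read(), a pipe, and an AF_UNIX socket pair driven by sendmsg() and recvmsg(). It assumes a Linux or POSIX system; the socket pair is used instead of a network socket() so the example runs offline, and the temporary file path is a constructed template.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/uio.h>
#include <unistd.h>

/* File access, the pattern a document application produces when it saves
 * and reloads a file. Returns the number of bytes read back or -1 on error.
 * The path below is a constructed template, not a real application file. */
ssize_t file_round_trip(const char *msg, char *out, size_t outlen)
{
    char path[] = "/tmp/syscall-demo-XXXXXX";
    int fd = mkstemp(path);            /* ends in an open(O_CREAT|O_EXCL) syscall */
    if (fd < 0) return -1;
    unlink(path);                      /* drop the name, keep the descriptor */
    if (write(fd, msg, strlen(msg)) < 0) { close(fd); return -1; }   /* write() */
    if (lseek(fd, 0, SEEK_SET) < 0)     { close(fd); return -1; }   /* lseek() */
    ssize_t r = read(fd, out, outlen - 1);                          /* read()  */
    close(fd);
    if (r < 0) return -1;
    out[r] = '\0';
    return r;
}

/* Inter-process style transfer through a pipe: pipe(), write(), read(). */
ssize_t pipe_round_trip(const char *msg, char *out, size_t outlen)
{
    int fds[2];
    if (pipe(fds) < 0) return -1;
    if (write(fds[1], msg, strlen(msg)) < 0) { close(fds[0]); close(fds[1]); return -1; }
    close(fds[1]);                     /* writer closed: read() sees EOF after the data */
    ssize_t r = read(fds[0], out, outlen - 1);
    close(fds[0]);
    if (r < 0) return -1;
    out[r] = '\0';
    return r;
}

/* Socket transfer with the message-based calls the text names, sendmsg()
 * and recvmsg(), on a socketpair() so no network is needed. */
ssize_t socket_round_trip(const char *msg, char *out, size_t outlen)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;

    struct iovec siov = { .iov_base = (void *)msg, .iov_len = strlen(msg) };
    struct msghdr smh;
    memset(&smh, 0, sizeof smh);
    smh.msg_iov = &siov;
    smh.msg_iovlen = 1;
    if (sendmsg(sv[1], &smh, 0) < 0) { close(sv[0]); close(sv[1]); return -1; }
    close(sv[1]);

    struct iovec riov = { .iov_base = out, .iov_len = outlen - 1 };
    struct msghdr rmh;
    memset(&rmh, 0, sizeof rmh);
    rmh.msg_iov = &riov;
    rmh.msg_iovlen = 1;
    ssize_t r = recvmsg(sv[0], &rmh, 0);
    close(sv[0]);
    if (r < 0) return -1;
    out[r] = '\0';
    return r;
}

int main(void)
{
    char buf[64];
    printf("file:   %zd bytes -> \"%s\"\n", file_round_trip("saved sheet", buf, sizeof buf), buf);
    printf("pipe:   %zd bytes -> \"%s\"\n", pipe_round_trip("hello", buf, sizeof buf), buf);
    printf("socket: %zd bytes -> \"%s\"\n", socket_round_trip("syscall demo", buf, sizeof buf), buf);
    return 0;
}
```

Each function deliberately returns the byte count it read back so the behaviour can be checked rather than only printed. Run the binary under a system call tracer (the classic strace, or a Sysdig/Falco capture opened in Stratoshark) and the open, write, lseek, read, pipe, socketpair, sendmsg and recvmsg calls appear in order with their file descriptors and return values, which is precisely the host-side visibility the article says Wireshark lacks.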

Thus far, this aspect has been a blind spot in an overall analysis. A new tool aims to provide visibility at the operating system level.

System Calls

Stratoshark [1] now offers the ability to analyze both these system calls and log messages – much as Wireshark does for network packets. The focus here is on system calls. Stratoshark, a new open source tool by the Wireshark Foundation, is largely based on the Wireshark source code. It was developed under the auspices of Gerald Combs, Wireshark's inventor. His current employer, Sysdig, also provided the Falco and Sysdig capture tools needed to record system activity and log messages.

Stratoshark complements existing analysis tools with operating system

...