Visualizing Process Connections in Linux

Did you have to track the dependencies of the system processes, “who's whose folder?”, Find the emperor and kill him, so that the slaves do not respawn? You can ps'at and grep'at, you can drive lsof, because it is so fascinating;) But any connections, it seems to me, it is always easier to analyze in visual form, console utilities draw good tablets, but it’s not always possible to quickly understand that what it is connected with and in what sequence, and for diagnostics it is very important.

lsof (abbr. LiSt Open Files) with a certain skill allows you to build graphs of relationships between running systems, who uses which files, who communicates with whom by what protocol. On Habré, there was already an article about how useful the lsof tool was , but it did not say anything about the -F switch, which allows you to display information not in a table, but as a sequence of individual lines that can be redirected to the input of another program for further processing.

lsofgraph was written, just under this -F, parsing this output is much more convenient than tabular output. Unfortunately, lsofgraph was written in Lua, but it is not everywhere, so it was rewritten in python: lsofgraph-python
')
The format is simple, and the code is quite understandable, so we will not dwell on it, but let’s go straight into battle. For drawing we will use graphviz, namely, its members, dot and unflatten.

If you want to get a complete picture of the system, then you will need to use sudo, if there is enough information on the current account, then you can do without sudo.

To create a graph:

sudo lsof -n -F | python lsofgraph.py | dot -Tjpg > /tmp/a.jpg 

I prefer the launch c unflatten, then the schedule is somehow more compact and beautiful:

 sudo lsof -n -F | python lsofgraph.py | unflatten -l 1 -c 6 | dot -T jpg > /tmp/a.jpg 

If you don’t like jpg, then you can choose svg there ...
An example of a graph on a fairly empty test virtual machine:



I hope that someone will still be useful;)