Now You See Me Too: Visual Tooling for Advanced System Analysis

Command line tools ensure lowest friction and entry bar for system analysis. However, visual analysis yields more information in a shorter amount of time. As an example, when an application crashes or an elusive transient bug occurs, understanding of callstack that led to the anomaly is a valuable information. Recording such function call graphs of the application and displaying them on the command line as huge chunks of text has been a common occurrence and a quick resort for such analyses. However, methodical analysis requires better visuals. Modern representations, such as FlameGraphs, FlameCharts, and Sun-bursts in such cases, have shown how effective the same analysis can be, when represented visually. However, there are hundreds of techniques to gather trace/debug data, and understanding of what visual tool to represent which data can be a daunting task. This talk focuses on the various visual tools available for common system analysis and debugging scenarios. We explore some open source tools used in system tracing and the representation formats for such data comping from multiple sources such as LTTng and eBPF. We explore historical origins of such visual representations and see the evolution of research ideas to concrete modern tools. We also discuss how in a few minutes you can easily enhance the same tools and develop new views to visualize a wide range of data—from network capture, Container/VM tracing to even hardware traces coming directly from CPUs—all in the same tool.