by Arround The Web

Data-Centric Tracing Using BPF

Learn how to trace kernel data structures using BPF, and libbpf in particular, to enable observability of kernel function execution.
The post Data-Centric Tracing Using BPF appeared first on Linux Today.

by Arround The Web

Microsoft Ported Sysmon to Linux and Made it Open Source

Microsoft has ported the Sysmon activity monitoring service to the Linux platform. It monitors Linux activity through the eBPF subsystem, which allows handlers to run at the kernel level of the operating system. The SysinternalsEBPF library, which is being developed separately, includes functions useful for creating BPF handlers for […]

The post Microsoft Ported Sysmon to Linux and Made it Open Source appeared first on Linux Today.
