Quick way to implement eBPF is via Falco Project. SDK support for higher level l... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		ArtWomb on Oct 8, 2020 \| parent \| context \| favorite \| on: Unlocking eBPF power Quick way to implement eBPF is via Falco Project. SDK support for higher level languages. Cool to see this spinoff from SysDig evolve into a fully funded cloud native product ;) https://falco.org/docs/

brendangregg on Oct 8, 2020 [–]

The article did instrumentation such as this:

  #!/snap/bin/bpftrace
  
  #include <net/bluetooth/bluetooth.h>
  #include <net/bluetooth/hci_core.h>
  
  kprobe:mgmt_device_found
  {
  $dev=( struct hci_dev *) arg0;
  printf("%s\n", $dev->name);
  }

AFAIK that's way beyond Falco's capabilities.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact