an example that uses fentry and fexit BPF programs for tracing a file is deleted Run eBPF program in a line sudo ecli run fentry-link Fentry fentry is an example that uses fentry and fexit...

an example of a simple (but realistic) BPF application tracks process starts (exec() family of syscalls, to be precise) and exits Run eBPF program in a line sudo ecli run bootstrap bootstra...

This tool traces the kernel function performing socket binding and print socket options set before the system call. Run eBPF program in a line sudo ecli run bindsnoop origin origin from: ...