Closed fntlnz closed 2 years ago
In https://github.com/elastic/ebpf/pull/47 we implemented the API to consume kernel events.
In ebpf_event_ctx__new we have the events argument. We want to use that bitmask to filter the event types we read from the ringbuffer.
ebpf_event_ctx__new
events
Right now, specifying any filtering will not do anything.
In https://github.com/elastic/ebpf/pull/47 we implemented the API to consume kernel events.
In
ebpf_event_ctx__newwe have theeventsargument. We want to use that bitmask to filter the event types we read from the ringbuffer.Right now, specifying any filtering will not do anything.