search

vitalyvch / strace.ebpf

This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature
https://github.com/vitalyvch/strace.ebpf
Other
16 stars 6 forks source link
bcc ebpf ebpf-programs iovisor kprobes syscall syscalls tracepoints

readme

This directory contains a tool which traces syscalls in a fast way using eBPF linux kernel feature.

DEPENDENCIES: The strace.ebpf depends on libbcc library.

Bcc sources:

https://github.com/iovisor/bcc

Installation:

https://github.com/iovisor/bcc/blob/master/INSTALL.md

WARNING

Some old libbcc packages require manual coping of libbcc.pc from sources to appropriate place in a system. In case of Ubuntu 16.04 LTS appropriate place is /usr/lib/x86_64-linux-gnu/pkgconfig/libbcc.pc.

CONTACTS

For more information on this tool, contact Vitalii Chernookyi (vitalii.chernookyi@intel.com), or create an issue at https://github.com/vitalyvch/strace.ebpf/issues