Introducing Container Observability With EBPF and Sysdig.

Introducing container observability with eBPF and Sysdig.

Today we’ve announced that we’ve officially added eBPF instrumentation to extend container observability with Sysdig monitoring, security and forensics solutions. eBPF – extended Berkeley Packet Filter – is a Linux-native in-kernel virtual machine that enables secure, low-overhead tracing for application performance and event observability and analysis. Don’t let the name fool you – eBPF delivers a lot more than network packet information (more on that below).

Sysdig now taps into eBPF to offer the deep visibility for cloud-native and container environments – from host and network data to container processes, resource utilization, and more. This is something we are already well-known for. Now we are taking advantage of eBPF to expand how and where we provide container observability.