Introducing Container Observability With EBPF and Sysdig.
Today we’ve announced that we’ve officially added eBPF instrumentation to extend container observability with Sysdig monitoring, security and forensics solutions. eBPF – extended Berkeley Packet Filter – is a Linux-native in-kernel virtual machine that enables secure, low-overhead tracing for application performance and event observability and analysis. Don’t let the name fool you – eBPF delivers a lot more than network packet information (more on that below).
Sysdig now taps into eBPF to offer the deep visibility for cloud-native and container environments – from host and network data to container processes, resource utilization, and more. This is something we are already well-known for. Now we are taking advantage of eBPF to expand how and where we provide container observability.