tracepoint

package
v1.2.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Oct 21, 2025 License: Apache-2.0 Imports: 21 Imported by: 0

Documentation

Index

Constants

View Source 
const (
	ExitLabel           = "exit"
	CleanupLabel        = "cleanup"
	PayloadSize  uint32 = 8 // [bytes]
)

Variables

This section is empty.

Functions

This section is empty.

Types

type Tracepoint 

type Tracepoint struct {
	// contains filtered or unexported fields
}

Tracepoint represents an eBPF tracepoint that monitors the `execve` syscall to detect ENOEXEC events. It captures the real parent and current task TGIDs and retrieves the corresponding pod and container UUIDs from the CRI-O runtime.

func NewTracepoint 

func NewTracepoint(ctx context.Context, ch chan *types.ENOEXECInternalEvent, maxEvents uint32) (*Tracepoint, error)

func (*Tracepoint) Run 

func (tp *Tracepoint) Run() error

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.