This article details 12 command-line tools powered by eBPF for debugging and monitoring Linux systems, offering insights into kernel-level behavior with minimal overhead.
1. **bpftrace:** A high-level scripting language for on-demand kernel debugging.
2. **execsnoop:** Catches fleeting processes.
3. **opensnoop:** Identifies the files that processes are trying to open, along with any permission issues.
4. **tcplife:** Traces the duration of TCP sessions.
5. **gethostlatency:** Diagnoses DNS resolution delays.
6. **biotop:** Displays real-time disk I/O activity by process.
7. **biolatency:** Shows disk I/O latency histograms.
8. **tcpretrans:** Detects TCP retransmissions, indicating network issues.
9. **tcpconnect:** Traces outbound TCP connections.
10. **tcpaccept:** Traces inbound TCP connections.
11. **biosnoop:** Gives a detailed view of block I/O operations.
12. **bpftool:** Inspects and debugs already running eBPF programs.