Observability
kldload ships with eBPF baked in — bcc, bpftrace, and perf are on every server profile. These guides take you from first traces through production monitoring stacks and custom eBPF programs.
Getting Started
Beginner
Your first eBPF traces — using bcc tools to watch syscalls, disk I/O, and network activity in real time.
Intermediate
Writing bpftrace one-liners, filtering and aggregating events, and building custom observability for your workloads.
Advanced
Production-grade eBPF — continuous profiling, flame graphs, latency histograms, and kernel-level debugging.
eBPF Deep Dives
eBPF Reference
Complete reference for eBPF on kldload — available tools, probe types, map types, and helper functions.
eBPF Security
Security monitoring with eBPF — detecting file access, process execution, network connections, and privilege escalation.
eBPF Performance
Performance analysis with eBPF — CPU profiling, memory allocation tracking, I/O latency, and scheduler analysis.
Custom eBPF Programs
Tracepoints & Probes Metrics & Exporters Core Dumps & Stacks XDP & TC Datapath eBPF CookbookWrite your own eBPF programs in C and load them with bcc or libbpf — custom probes for your specific infrastructure.
Monitoring
Monitoring Stack Glossary (355 terms) Help & Links
Deploy a full monitoring stack — Prometheus, Grafana, Loki, and node-exporter with eBPF-enhanced metrics collection.