so, that talk where the guy showed a ./query-bpf (...
# ebpfa
ag4ve
09/29/2022, 8:35 PMso, that talk where the guy showed a ./query-bpf (which I searched for and couldn’t find) that created and deployed a program and filter and showed the events - that’s possible in osquery?
ag4ve
09/29/2022, 8:38 PMthink it was the talk about writing viaual bpf programs - i don’t much care about the visual part though, but being able to write a query and have everything deployed and get feedback sounds really slick
z
zwass
09/29/2022, 9:24 PM
This was something I asked @alessandrogario about in office hours this week. He says it will be possible to allow dynamic ebpf programs to be loaded in osquery (don't think there's a timeline yet).
a
alessandrogario
09/29/2022, 9:26 PM
Related https://asciinema.org/a/419326
3 Views