Displaying 1 to 20 from 40 results

skydive - An open source real-time network topology and protocols analyzer

  •    Go

Skydive is an open source real-time network topology and protocols analyzer. It aims to provide a comprehensive way of understanding what is happening in the network infrastructure. Skydive agents collect topology informations and flows and forward them to a central agent for further analysis. All the informations are stored in an Elasticsearch database.

ntopng - Web-based Traffic and Security Network Traffic Monitoring

  •    Lua

ntopng is a web-based network traffic monitoring application released under GPLv3. It is the new incarnation of the original ntop written in 1998, and now revamped in terms of performance, usability, and features. While you can read more about ntopng on the ntop web site (http://www.ntop.org), we suggest you to start reading the doc/README.md file for learning how to compile and use ntopng.

Cilium - eBPF-based Networking, Security, and Observability

  •    Go

Cilium is open source software for providing and transparently securing network connectivity and loadbalancing between application workloads such as application containers or processes. Cilium operates at Layer 3/4 to provide traditional networking and security services as well as Layer 7 to protect and secure use of modern application protocols such as HTTP, gRPC and Kafka. Cilium is integrated into common orchestration frameworks such as Kubernetes.




bpftrace - High-level tracing language for Linux eBPF

  •    C++

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap. BPFtrace was created by Alastair Robertson. To learn more about BPFtrace, see the Reference Guide and One-Liner Tutorial.

kubectl-trace - Schedule bpftrace programs on your kubernetes cluster using the kubectl

  •    Go

kubectl trace is a kubectl plugin that allows you to schedule the execution of bpftrace programs in your Kubernetes cluster. You can't find the package for your distro of choice? You are very welcome and encouraged to create it and then open an issue to inform us for review.

bpfd - Framework for running BPF programs with rules on Linux as a daemon. Container aware.

  •    Go

Framework for running BPF tracers with rules on Linux as a daemon. Container aware. This is not just "yet another tool to trace"...

p4c-xdp - Backend for the P4 compiler targeting XDP

  •    C

This work presents a P4 compiler backend targeting XDP, the eXpress Data Path. P4 is a domain-specific language describing how packets are processed by the data plane of a programmable network elements, including network interface cards, appliances, and virtual switches. With P4, programmers focus on defining the protocol parsing, matching, and action executions, instead of the platform-specific language or implementation details.XDP is designed for users who want programmability as well as performance. XDP allows users to write a C-like packet processing program and loads into the device driver's receiving queue. When the device observes an incoming packet, before hanging the packet to the Linux stack, the user-defined XDP program is triggered to execute against the packet payload, making the decision as early as possible.


grav - Performance visualisation tools

  •    Python

A collection of tools to help visualise process execution.This blog post has some detail on the rationale and implementation detail.

tracepkt - Trace a ping packet journey across network interfaces and namespace on recent Linux

  •    C

Trace a ping packet on the L2 layer, as it crosses Linux network interfaces and namespaces. Supports IPv4 and IPv6.The first 2 packets going from the current network namespace to a Docker container and going back, crossing a veth pair and a bridge.

ebpf_exporter - Prometheus exporter for custom eBPF metrics

  •    Go

Prometheus exporter for custom eBPF metrics. Motivation of this exporter is to allow you to write eBPF code and export metrics that are not otherwise accessible from the Linux kernel.

ebpf_exporter - A Prometheus exporter which uses eBPF to measure block IO request latency / size

  •    Go

ebpf_exporter is an experimental Prometheus exporter which uses eBPF kprobes to efficiently record a histogram of Linux bio request latencies and sizes. The included BPF program is loosely based on the examples shipped with IO Visor's BPF Compiler Collection, specifically the bitehist and disksnoop examples.

bpftrace - High-level tracing language for Linux eBPF

  •    C++

BPFtrace is a high-level tracing language for Linux enhanced Berkeley Packet Filter (eBPF) available in recent Linux kernels (4.x). BPFtrace uses LLVM as a backend to compile scripts to BPF-bytecode and makes use of BCC for interacting with the Linux BPF system, as well as existing Linux tracing capabilities: kernel dynamic tracing (kprobes), user-level dynamic tracing (uprobes), and tracepoints. The BPFtrace language is inspired by awk and C, and predecessor tracers such as DTrace and SystemTap.

ebpf - eBPF Utilities, Maps, and more

  •    Go

eBPF is a pure Go library that provides utilities for loading, compiling, and debugging eBPF programs. It has minimal external dependencies and is intended to be used in long running processes. ebpf/asm contains a basic assembler.

ingraind - Data first monitoring agent using (e)BPF, built on RedBPF

  •    Rust

Data-first monitoring. ingraind is a security monitoring agent built around RedBPF for complex containerized environments and endpoints. The ingraind agent uses eBPF probes to provide safe and performant instrumentation for any Linux-based environment.

redbpf - Rust library for building and running BPF/eBPF modules

  •    Rust

A Rust eBPF library. Targeting Rust 2018, so currently only builds on nightly.

go-ebpf - eBPF programs without a libbcc dependency

  •    Go

go-ebpf is a collection of example tools that use eBPF to collect metrics and data from the Linux kernel without using bcc. The eBPF programs are written in restricted C and then compiled into eBPF bytecode using clang and LLVM (llc). The bytecode is shipped with the Go program to avoid having a runtime dependency on clang and llc (normally you don't want to have compilers on your production systems). Package documentation can be found on GoDoc.

ebpf - eBPF package for Go

  •    Go

eBPF package for Go. Currently under active development. See documentation at https://godoc.org/acln.ro/ebpf.

tcptracer-bpf - eBPF program using kprobes to trace TCP events without run-time compilation dependencies

  •    Shell

tcptracer-bpf is an eBPF program using kprobes to trace TCP events (connect, accept, close). The eBPF program is compiled to an ELF object file. tcptracer-bpf also provides a Go library that provides a simple API for loading the ELF object file. Internally, it is using the gobpf elf package.

libebpfflow - Container traffic visibility library based on eBPF

  •    C

You need a modern eBPF-enabled Linux distribution. The library comes with two different tools: ebpflowexport and go_ebpflowexport. In the Build section is reported how to build the tools. Although both tools were developed to show potential library usage and to provide guidance on how to use the library, ebpflowexport displays all the information provided by libebpfflow and provides some options for filtering flow events while go_ebpflowexport displays only basic information concerning events.






We have large collection of open source products. Follow the tags from Tag Cloud >>


Open source products are scattered around the web. Please provide information about the open source projects you own / you use. Add Projects.