This is a 100% live demo of the latest 0x.tools xtop and xcapture eBPF tools by Tanel Poder. We will go through these angles: - xtop: "top for wall clock time" - xcapture: "always on, very low overhead x-ray vision for Linux systems"| Zoom
To capture your attention, this is what you get: Table of contents What is xCapture? xCapture with modern eBPF Modular and decoupled at multiple levels Dimensional performance data analysis with DuckDB Top wall-clock time used by all threads Regular expressions in the filter Syscalls against network socket file descriptors What is the performance overhead? Performance overhead of active tracking probes Userspace processing overhead Running xcapture What’s next? What is xCapture? 0x. - Linux...| tanelpoder.com