Slide 14
Slide 14 text
Appendix: Kubernetes-Scoped eBPF Actions
Apply eBPF actions selectively - block syscalls, monitor file access, or enforce
policies based on kubernetes metadata.
Configuration: Define rules in Tracing Policy
Namespace filters
Pod label selectors
Container-level filters Kernel Monitoring Hooks
Kernel
Tetragon Agent
Kill / Override
eBPF Programs
Perform actions
conditionally, based on
Kubernetes metadata