Slacker News Slacker News logo featuring a lazy sloth with a folded newspaper hat
  • top
  • new
  • show
  • ask
  • jobs
Library
← Back to context

Comment by geraldcombs

1 month ago

You might try passing `--modern-bpf` to sysdig. It has traditionally captured syscalls using a kernel module, and it sounds like that's where your errors are coming from. Newer versions have added eBPF support, which doesn't require a kmod but you have to pass in the `--modern-bpf` flag.

1 comment

geraldcombs

Reply
beaugunderson  1 month ago

Absolutely nailed it, that worked! Thanks so much for the pointer.

Slacker News

Product

  • API Reference
  • Hacker News RSS
  • Source on GitHub

Community

  • Support Ukraine
  • Equal Justice Initiative
  • GiveWell Charities