Gianluca Borello

Hi, was wondering if by any chance there are any updates on this? Let me know in case you'd like for me to open an issue to mysql shell or...

Thank you for taking a lead on this, much appreciated!

Thanks for reviewing. I think we can merge this whenever one of the following events will happen: 1) We need to change some other bpf code: if we do that,...

That's an interesting idea, and I'd be curious to hear your practical use case as well. As you can imagine, this is not trivial to implement. As a temporary solution,...

Confirmed. In f_proc_startupdate() (ppm_fillers.c) we use current->mm to get the command line of the new executable, which doesn't work when execve fails. In that case, it should be possible to...

Unfortunately that's the only way we're aware of, which is why code like this: https://github.com/draios/sysdig/commit/a37b49849ca9fc64de8822e4ff319722daff5757 was never merged into master in the first place. However, parsing the exe from the...

Hi, Thanks for liking sysdig. We definitely are planning a tighter integration with the networking subsystem in order to correlate system and network events, not necessarily to replace tcpdump which...

You are correct, there seems to be an inconsistency. The one from scap is a pid, the one returned by the driver is a tid, so depending on when sysdig...

Same inconsistency as described above: it's a pid if you're fetching the process info from /proc at scap startup, it's a tid if you're getting it from the driver via...

That would be nice. I can give you two inspiration points: 1) Since both ps and top show the TTY as a user friendly string, just look into their code...