Linux.EBPF.Monitoring

Linux.EBPF.Monitoring artifact

This artifact contains rules designed to monitor a Linux host using eBPF.

Base Artifact: Linux.Sigma.EBPFBase

You can download the artifact pack here: Linux-Sigma-EBPF.zip, and customize it using the instructions at Customizing Artifacts.