eBPF-Watchdog is a learning-driven project that explores eBPF (Extended Berkeley Packet Filter) as a way to monitor file system activity. The tool watches a specified directory and logs file-level operations such as create, read, write, and delete in real time.

⚙️ This is my first eBPF project, and I’ll be using this repository not just to build the main tool but also to learn, experiment, and document everything I understand about eBPF along the way.
- ✅ Learn and understand core eBPF concepts and tools
- ✅ Build a file access monitoring system using eBPF
- ✅ Log real-time file events with process info
- ✅ Transfer logs from kernel space to user space
- ✅ Create a clean, extensible codebase for future enhancements