[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"project-6605":3},{"id":4,"name":5,"fullName":6,"owner":7,"repo":5,"description":8,"homepage":9,"htmlUrl":10,"language":11,"languages":10,"totalLinesOfCode":10,"stars":12,"forks":13,"watchers":14,"openIssues":15,"contributorsCount":16,"subscribersCount":16,"size":16,"stars1d":17,"stars7d":18,"stars30d":19,"stars90d":16,"forks30d":16,"starsTrendScore":20,"compositeScore":21,"rankGlobal":10,"rankLanguage":10,"license":22,"archived":23,"fork":23,"defaultBranch":24,"hasWiki":23,"hasPages":25,"topics":26,"createdAt":10,"pushedAt":10,"updatedAt":32,"readmeContent":33,"aiSummary":34,"trendingCount":16,"starSnapshotCount":16,"syncStatus":17,"lastSyncTime":35,"discoverSource":36},6605,"tetragon","cilium\u002Ftetragon","cilium","eBPF-based Security Observability and Runtime Enforcement","https:\u002F\u002Ftetragon.io",null,"C",4745,559,53,122,0,2,21,97,11,30.24,"Apache License 2.0",false,"main",true,[27,28,29,30,31],"bpf","ebpf","kernel","kubernetes","security","2026-06-12 02:01:27","\u003Ca href=\"https:\u002F\u002Ftetragon.io\">\n  \u003Cpicture>\n    \u003Csource media=\"(prefers-color-scheme: light)\" srcset=\"docs\u002Fassets\u002Ficons\u002Flogo.svg\" width=\"400\">\n    \u003Cimg src=\"docs\u002Fassets\u002Ficons\u002Flogo-dark.svg\" width=\"400\">\n  \u003C\u002Fpicture>\n\u003C\u002Fa>\n\n[![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002FLicense-Apache_2.0-blue.svg)](https:\u002F\u002Fopensource.org\u002Flicenses\u002FApache-2.0)\n[![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-BSD-blue.svg)](https:\u002F\u002Fopensource.org\u002Flicense\u002Fbsd-2-clause\u002F)\n[![License](https:\u002F\u002Fimg.shields.io\u002Fbadge\u002Flicense-GPL-blue.svg)](https:\u002F\u002Fopensource.org\u002Flicense\u002Fgpl-2-0\u002F)\n\n---\n\nCilium’s new [Tetragon](https:\u002F\u002Ftetragon.io) component enables powerful\nreal-time, eBPF-based Security Observability and Runtime Enforcement.\n\nTetragon detects and is able to react to security-significant events, such as\n\n- Process execution events\n- System call activity\n- I\u002FO activity including network & file access\n\nWhen used in a Kubernetes environment, Tetragon is Kubernetes-aware - that is,\nit understands Kubernetes identities such as namespaces, pods and so on - so\nthat security event detection can be configured in relation to individual\nworkloads.\n\n[![Tetragon Overview Diagram](https:\u002F\u002Fgithub.com\u002Fcilium\u002Ftetragon\u002Fblob\u002Fmain\u002Fdocs\u002Fstatic\u002Fimages\u002Fsmart_observability.png)](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Foverview\u002F)\n\nSee more about [how Tetragon is using eBPF](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Foverview#functionality-overview).\n\n## Getting started\n\nRefer to the [official documentation of Tetragon](https:\u002F\u002Ftetragon.io\u002Fdocs\u002F).\n\nTo get started with Tetragon, take a look at the [getting started\nguides](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fgetting-started\u002F) to:\n- [Try Tetragon on Kubernetes](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fgetting-started\u002Finstall-k8s\u002F)\n- [Try Tetragon on Linux](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fgetting-started\u002Finstall-docker\u002F)\n- [Deploy Tetragon](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Finstallation\u002F)\n- [Install the Tetra CLI](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Finstallation\u002Ftetra-cli\u002F)\n\nTetragon is able to observe critical hooks in the kernel through its sensors\nand generates events enriched with Linux and Kubernetes metadata:\n1. **Process lifecycle**: generating `process_exec` and `process_exit` events\n   by default, enabling full process lifecycle observability. Learn more about\n   these events on the [process lifecycle use case page](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002Fprocess-lifecycle\u002F).\n1. **Generic tracing**: generating `process_kprobe`, `process_tracepoint` and\n   `process_uprobe` events for more advanced and custom use cases. Learn more\n   about these events on the [TracingPolicy concept page](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fconcepts\u002Ftracing-policy\u002F)\n   and discover [multiple use cases](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002F) like:\n   - [🌏 network observability](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002Fnetwork-observability\u002F)\n   - [📂 filename access](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002Ffilename-access\u002F)\n   - [🔑 credentials monitoring](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002Flinux-process-credentials\u002F)\n   - [🔓 privileged execution](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fuse-cases\u002Fprocess-lifecycle\u002Fprivileged-execution\u002F)\n\nSee further resources:\n- [Conference Talks, Books, Blog Posts, and Labs](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fresources\u002F)\n- [Frequently Asked Question](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Finstallation\u002Ffaq\u002F)\n- [References](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Freference\u002F)\n\n## Join the community\n\nJoin the Tetragon [💬 Slack channel](https:\u002F\u002Fslack.cilium.io) and the\n[📅 Community Call](https:\u002F\u002Fisogo.to\u002Ftetragon-meeting-notes) to chat with\ndevelopers, maintainers, and other users. This is a good first stop to ask\nquestions and share your experiences.\n\n## How to Contribute\n\nFor getting started with local development, you can refer to the\n[Contribution Guide](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fcontribution-guide\u002F). If\nyou plan to submit a PR, please [\"sign-off\"](https:\u002F\u002Ftetragon.io\u002Fdocs\u002Fcontribution-guide\u002Fdeveloper-certificate-of-origin\u002F)\nyour commits.\n\n## Adopters\n\nA list of adopters of the Tetragon project and who is deploying it in\nproduction, and of their use cases, can be found in the\n[USERS.md](https:\u002F\u002Fgithub.com\u002Fcilium\u002Ftetragon\u002Fblob\u002Fmain\u002FUSERS.md) file.\n","Tetragon 是一个基于 eBPF 的安全可观测性和运行时强制执行工具。它能够实时检测和响应关键的安全事件，如进程执行、系统调用活动以及网络和文件访问等 I\u002FO 活动。在 Kubernetes 环境中，Tetragon 可以识别 Kubernetes 的命名空间、Pod 等身份信息，从而根据具体的工作负载配置安全事件检测。该工具通过内核中的传感器观察关键钩子，并生成包含 Linux 和 Kubernetes 元数据的事件，支持进程生命周期管理和通用跟踪等多种高级使用场景。适用于需要增强容器化应用或 Linux 系统安全监控与防护的企业环境。","2026-06-11 03:07:51","top_language"]