How to Instrument UserLand Apps with eBPF

eBPF has revolutionized the observability landscape in the Linux kernel. Throughout our previous blog post series, I covered the fundamental building blocks of the eBPF ecosystem, scratched the surface of XDP and showed how closely it cooperates with the eBPF infrastructure to introduce a fast-processing datapath in the networking stack. Nevertheless, eBPF is not exclusive to kernel-space tracing.

power admin

How To Get The Most Out Of The Linux Screen Command

If you’re logging onto a service or running remote command line operations over a network link via the Secure Shell (SSH) protocol, the last thing you need is for your session to be cut off by a faulty connection. This scenario is all too common – but for Linux users, the Screen utility can prevent it from occurring.

pandora fms

CentOS 8: a clone that reinvents itself

It has taken much longer than usual for the CentOS team to provide us with a new version of their operating system; however, the wait is over. The new CentOS 8 is here. CentOS, or Community ENTerprise Operating System, is a binary-level clone of the RHEL (Red Hat Enterprise Linux) distribution that can be accessed for free. For those unfamiliar with Red Hat, Red Hat offers open source, enterprise-oriented software solutions with enterprise-level support.


A catastrophic flaw in Linux sudo command with a simple fix using Desktop Central

A critical vulnerability in sudo has been disclosed that, when exploited, enables users to bypass security restrictions and execute commands as the root user. This security flaw has to be swiftly remediated, as sudo is one of the most integral and commonly used functionalities in Linux operating systems.


How to detect CVE-2019-14287 using Falco

A recent flaw, CVE-2019-14287, has been found in sudo. In this blog post, we are going to show you how to use Falco or Sysdig Secure to detect any exploit attempts against this vulnerability. sudo allows users to run commands with other user privileges. It is typically used to allow unprivileged users to execute commands as root. The issue exists in the way sudo has implemented running commands with an arbitrary user ID in versions earlier than 1.8.28.


How to Do Effective Infrastructure Monitoring for Linux with Grafana

Grafana Labs has 8+ clusters in GKE running 270 nodes of various sizes, and all the hosted metrics and hosted log Grafana Cloud offerings are run on 16-core, 64-gig machines. At the recent All Systems Go! conference in Berlin, David Kaltschmidt, Director, User Experience, gave a talk about what monitoring these clusters and servers looks like at Grafana Labs and shared some best practices.


How to Monitor Syslog Data with Sumo Logic

If you are reading this article, you’re probably familiar with syslog, a logging tool that has been around since the 1980s. It is a daemon present in most Linux-based operating systems. By default, syslog (and variants like rsyslog) on Linux systems can be used to forward logs to central syslog servers or monitoring platforms where further analysis can be conducted. That’s useful, but to make the very most of syslog, you also want to be able to analyze log data.


Seccomp in the Elastic Stack

After giving a presentation about what is done in Elasticsearch to improve out-of-the-box security, safety and usability and engaging in a couple of follow-up discussions at different events, I decided to dig a little bit deeper into the topic of Linux’s seccomp. The idea of seccomp is to prevent the execution of certain system calls by a given application.

power admin

How to Choose a Linux Distro for Your Server

By Des Nnochiri

Whether it’s for network and system administration, database management, web services, or other business functions, chances are you’ll need robust servers as part of your IT infrastructure armory. Traditionally, a server running a Linux operating system has been the preferred option for enterprise use. But which Linux distribution (or distro) is the right one for your particular use case?