Qtap: An eBPF agent that captures pre-encrypted network traffic, providing rich context about egress connections and their originating processes. - qpoint-io/qtap
Another one I’ve used with limited success is ecapture. It can be tricky to debug processes in Docker because you need the ecapture executable with enough permissions to tap the process while also being able to see the libraries that the container uses.
Another one I’ve used with limited success is ecapture. It can be tricky to debug processes in Docker because you need the ecapture executable with enough permissions to tap the process while also being able to see the libraries that the container uses.
I’ll put this to use and see how well it works.