eBPF
eBPF (extended Berkley Packet Filter) lets you listen to events that the operating system does, namely system calls, and take actions based on that.
Installation (Ubuntu)
echo "deb [trusted=yes] https://repo.iovisor.org/apt/xenial xenial-nightly main" | sudo tee /etc/apt/sources.list.d/iovisor.list
sudo apt-get update
sudo apt-get install bpfcc-toolsOverview
