Ebpf Tracer
БесплатноНе проверенEnables LLMs to safely write and run bpftrace scripts against the Linux kernel for observability, with explicit probe allowlists and execution timeout.
Описание
Enables LLMs to safely write and run bpftrace scripts against the Linux kernel for observability, with explicit probe allowlists and execution timeout.
README
An MCP server that lets an LLM write and run bpftrace scripts against your kernel, gated by an explicit probe allowlist and a hard execution timeout.
It does not compile raw eBPF C. bpftrace is the engine -- it already handles BTF/CO-RE portability, hook attachment, and ring-buffer-to-text formatting, so this project is the orchestration and safety layer on top of it rather than a from-scratch eBPF compiler.
The ebpf-mcp-tracer is a secure MCP server that bridges LLMs and the Linux kernel by orchestrating bpftrace for natural-language, kernel-level observability. Instead of compiling raw eBPF C, it leverages bpftrace's built-in safety and portability while enforcing strict guardrails through explicit probe allowlists, blocked dangerous builtins, and hard execution timeouts. By exposing simple tools for probe discovery, dry-run validation, and timed trace execution over local stdio, it empowers AI agents to safely debug complex system bottlenecks and analyze process behavior without requiring deep eBPF expertise or risking host stability.
What it exposes
Three tools, callable by any MCP client (Claude Desktop, etc.):
list_probes(pattern)-- read-only listing of kernel probes (bpftrace -l)validate_script(script)-- safety allowlist check + compile-only dry run (bpftrace -d, no attachment)run_trace(script, duration_seconds)-- attaches and streams events for up to 60s, then detaches and returns parsed JSON events
And one resource: ebpf://system/kernel-info (kernel version, bpftrace
availability).
Setup on your machine
Install bpftrace:
sudo apt update && sudo apt install -y bpftraceConfirm it works standalone first:
sudo bpftrace -e 'BEGIN { printf("it works\n"); exit(); }'Install the Python deps:
cd ebpf-mcp-tracer python3 -m venv venv source venv/bin/activate pip install -r requirements.txtPermissions. bpftrace needs to load BPF programs into the kernel, which normally requires root. You have two options:
Simplest: run the MCP server process itself as root. Fine for a personal box, not something to do on a shared machine.
Better, if your kernel is 5.8+: grant the venv's python binary the specific capabilities bpftrace needs instead of full root:
sudo setcap cap_bpf,cap_perfmon,cap_sys_resource+ep $(readlink -f venv/bin/python3)Note this grants those capabilities to any script run by that exact python binary -- keep the venv dedicated to this project.
Test the server directly before wiring it into a client:
python3 -m mcp dev src/ebpf_mcp_tracer/server.pyor run it raw and talk to it over stdio:
python3 src/ebpf_mcp_tracer/server.pyPoint your MCP client at it. Example Claude Desktop config entry:
{ "mcpServers": { "ebpf-tracer": { "command": "/absolute/path/to/ebpf-mcp-tracer/venv/bin/python3", "args": ["/absolute/path/to/ebpf-mcp-tracer/src/ebpf_mcp_tracer/server.py"] } } }(Verify the exact config file location and key names against current Claude Desktop docs -- this has changed before.)
Running the tests
The safety-allowlist tests need no privileges and no bpftrace install:
pip install pytest
python3 -m pytest tests/test_safety.py -v
There's also a fake bpftrace shim at tests/fakebin/bpftrace used during
development to exercise the subprocess/timeout/JSON-parsing logic in
engine.py without needing a real kernel. You shouldn't need it once you
have the real binary installed, but it's there if you want to test changes
to engine.py without root.
Extending the probe allowlist
src/ebpf_mcp_tracer/safety.py has ALLOWED_PROBE_PATTERNS. Every probe
the LLM can attach to must match one of these regexes -- there are no
wildcards on purpose. To add a new function:
- Look up what it does and confirm it's safe to hook (read-only tracing, not something that can be abused to leak secrets across processes or degrade performance under load).
- Add an explicit pattern, e.g.
r"^kprobe:tcp_v4_connect$". - Re-run the safety tests.
Don't add kprobe:* or kprobe:do_*-style wildcards -- that defeats the
point of the allowlist.
For furthur documentation
Look into https://github.com/blackdragoon26/ebpf-mcp-tracer/blob/main/INSTALL.md
What's deliberately NOT here yet
- No
--unsafeflag anywhere, which meanssystem(),override(), and a few other dangerous bpftrace builtins are unreachable even if the allowlist regex check somehow had a hole. This is enforced at two independent layers on purpose. - No automatic verifier-error-to-LLM retry loop.
validate_scriptreturns the raw bpftrace compile error; wiring up an automatic "LLM reads the error and retries" loop is a natural next step once you've used this manually a few times and have a feel for what errors actually show up. - No network exposure. This talks stdio only. If you want this reachable remotely later, that's a real auth/access-control project on its own -- don't bolt on a port without thinking that through separately.
Установка Ebpf Tracer
У этого сервера нет опубликованного пакета — он собирается из исходников. Открой репозиторий и следуй инструкции в README.
▸ github.com/blackdragoon26/ebpf-mcp-tracerFAQ
Ebpf Tracer MCP бесплатный?
Да, Ebpf Tracer MCP бесплатный — установка в пару кликов через Unyly без оплаты.
Нужен ли API-ключ для Ebpf Tracer?
Нет, Ebpf Tracer работает без API-ключей и переменных окружения.
Ebpf Tracer — hosted или self-hosted?
Self-hosted: сервер запускается локально на твоей машине командой из раздела установки.
Как установить Ebpf Tracer в Claude Desktop, Claude Code или Cursor?
Открой Ebpf Tracer на unyly.org, выбери вкладку своего клиента (Claude Desktop, Claude Code, Cursor) и нажми Install — конфиг сгенерируется автоматически, без правки JSON.
Похожие MCP
GitHub
PRs, issues, code search, CI status
автор: GitHubFilesystem
Secure file operations with configurable access controls.
Memory
Knowledge graph-based persistent memory system.
Template MCP Server
A CLI tool to create a new Model Context Protocol server project with TypeScript support, dual transport options, and an extensible structure
автор: mcpdotdirectCompare Ebpf Tracer with
Не уверен что выбрать?
Найди свой стек за 60 секунд
Автор?
Embed-бейдж для README
Похожее
Все в категории development
