Packages and Binaries:
tetragon
EBPF-based Security Observability and Runtime Enforcement (tetra CLI)
Cilium’s new Tetragon component enables powerful realtime, eBPF-based Security
Observability and Runtime Enforcement.
Tetragon detects and is able to react to security-significant events, such as: - Process execution events - System call activity - I/O activity including network & file access
When used in a Kubernetes environment, Tetragon is Kubernetes-aware - that is, it understands Kubernetes identities such as namespaces, pods and so-on - so that security event detection can be configured in relation to individual workloads.
This package contains the tool tetra CLI.
Installed size: 50.70 MB
How to install: sudo apt install tetragon
Dependencies:
- bpftool
- libc6
tetra
root@kali:~# tetra -h
Tetragon CLI
Usage:
tetra [flags]
tetra [command]
Available Commands:
bugtool Produce a tar archive with debug information
completion Generate the autocompletion script for the specified shell
cri connect to CRI
eventlog Manage event exporter logging parameters
explain List the fields for supported resources
getevents Print events
help Help about any command
info Retrieve information from the server
loglevel Get and dynamically change the log level
policytest Tetragon policy tests
probe Probe for eBPF system features availability
status Print health status
tracingpolicy Manage tracing policies
version Print version from CLI and server
Flags:
-d, --debug Enable debug messages
-h, --help help for tetra
--max-recv-size int Maximum gRPC message size in bytes the client can receive (default 10485760)
--retries int Connection retries with exponential backoff (default 1)
--server-address string gRPC server address
--timeout duration Connection timeout (default 30s)
Use "tetra [command] --help" for more information about a command.
Learn more with OffSec
Want to learn more about tetragon? get access to in-depth training and hands-on labs:
Updated on: 2026-May-25