Skip to content

bivex/AgentCgroup

Β 
Β 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

175 Commits
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 
Β 

Repository files navigation

AgentSight: Zero-Instrumentation LLM Agent Observability with eBPF

License: MIT Build Status

AgentSight is a observability tool designed specifically for monitoring LLM agent behavior through SSL/TLS traffic interception and process monitoring. Unlike traditional application-level instrumentation, AgentSight observes at the system boundary using eBPF technology, providing comprehensive insights into AI agent interactions with minimal performance overhead.

✨ Zero Instrumentation Required - No code changes, no new dependencies, no SDKs. Works with any AI framework or application out of the box.

Quick Start

wget https://github.com/eunomia-bpf/agentsight/releases/latest/download/agentsight && chmod +x agentsight
# Record agent behavior from claude
sudo ./agentsight record -c "claude"
# Record agent behavior from gemini-cli (comm is "node")
sudo ./agentsight record -c "node"
# For Python AI tools
sudo ./agentsight record -c "python"
# Record claude or gemini activity with NVM Node.js, if bundle OpenSSL statically
sudo ./agentsight record --binary-path /usr/bin/node -c node

Visit http://127.0.0.1:7395 to view the recorded data.

AgentSight Demo - Process Tree Visualization

Real-time process tree visualization showing AI agent interactions and file operations

AgentSight Demo - Timeline Visualization

Real-time timeline visualization showing AI agent interactions and system calls

AgentSight Demo - Metrics Visualization

Real-time metrics visualization showing AI agent memory and CPU usage

πŸš€ Why AgentSight?

Traditional Observability vs. System-Level Monitoring

Challenge Application-Level Tools AgentSight Solution
Framework Adoption ❌ New SDK/proxy for each framework βœ… Drop-in daemon, no code changes
Closed-Source Tools ❌ Limited visibility into operations βœ… Complete visibility into prompts & behaviors
Dynamic Agent Behavior ❌ Logs can be silenced or manipulated βœ… Kernel-level hooks for reliable monitoring
Encrypted Traffic ❌ Only sees wrapper outputs βœ… Captures real unencrypted requests/responses
System Interactions ❌ Misses subprocess executions βœ… Tracks all process behaviors & file operations
Multi-Agent Systems ❌ Isolated per-process tracing βœ… Global correlation and analysis

AgentSight captures critical interactions that application-level tools miss:

  • Subprocess executions that bypass instrumentation
  • Raw encrypted payloads before agent processing
  • File operations and system resource access
  • Cross-agent communications and coordination

πŸ—οΈ Architecture

β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚              AI Agent Runtime                   β”‚
β”‚   β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”   β”‚
β”‚   β”‚    Application-Level Observability      β”‚   β”‚
β”‚   β”‚  (LangSmith, Helicone, Langfuse, etc.)  β”‚   β”‚
β”‚   β”‚         πŸ”΄ Can be bypassed               β”‚   β”‚
β”‚   β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜   β”‚
β”‚                     ↕ (Can be bypassed)         β”‚
β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ ← System Boundary
β”‚  🟒 AgentSight eBPF Monitoring (Kernel-level)   β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”   β”‚
β”‚  β”‚   SSL Traffic   β”‚  β”‚    Process Events   β”‚   β”‚
β”‚  β”‚   Monitoring    β”‚  β”‚    Monitoring       β”‚   β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜   β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                      ↓
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚         Rust Streaming Analysis Framework       β”‚
β”‚  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”  β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”  β”‚
β”‚  β”‚   Runners   β”‚  β”‚  Analyzers   β”‚  β”‚ Output β”‚  β”‚
β”‚  β”‚ (Collectors)β”‚  β”‚ (Processors) β”‚  β”‚        β”‚  β”‚
β”‚  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β””β”€β”€β”€β”€β”€β”€β”€β”€β”˜  β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜
                      ↓
β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”
β”‚           Frontend Visualization                β”‚
β”‚     Timeline β€’ Process Tree β€’ Event Logs       β”‚
β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜

Core Components

  1. eBPF Data Collection (Kernel Space)

    • SSL Monitor: Intercepts SSL/TLS read/write operations via uprobe hooks
    • Process Monitor: Tracks process lifecycle and file operations via tracepoints
    • <3% Performance Overhead: Operates below application layer with minimal impact
  2. Rust Streaming Framework (User Space)

    • Runners: Execute eBPF programs and stream JSON events (SSL, Process, Agent, Combined)
    • Analyzers: Pluggable processors for HTTP parsing, chunk merging, filtering, logging
    • Event System: Standardized event format with rich metadata and JSON payloads
  3. Frontend Visualization (React/TypeScript)

    • Interactive timeline, process tree, and log views
    • Real-time data streaming and analysis
    • See "Web Interface Access" section for details

Data Flow Pipeline

eBPF Programs β†’ JSON Events β†’ Runners β†’ Analyzer Chain β†’ Frontend/Storage/Output

Usage

Prerequisites

  • Linux kernel: 4.1+ with eBPF support (5.0+ recommended)
  • Root privileges: Required for eBPF program loading
  • Rust toolchain: 1.88.0+ (for building collector)
  • Node.js: 18+ (for frontend development)
  • Build tools: clang, llvm, libelf-dev

Installation

Option 1: Using Docker (Recommended)

AgentSight runs in Docker with --privileged for eBPF, --pid=host to access host processes, -v /sys:/sys:ro for process monitoring, and -v /usr:/usr:ro -v /lib:/lib:ro for SSL library access (required to attach uprobes to shared libraries like libssl.so). Example:

docker run --privileged --pid=host --network=host \
  -v /sys:/sys:ro -v /usr:/usr:ro -v /lib:/lib:ro \
  -v $(pwd)/logs:/logs \
  ghcr.io/eunomia-bpf/agentsight:latest \
  record --comm claude --log-file /logs/record.log

Option 2: Build from Source

# Clone repository with submodules
git clone https://github.com/eunomia-bpf/agentsight.git --recursive
cd agentsight

# Install system dependencies (Ubuntu/Debian)
make install

# Build all components (frontend, eBPF, and Rust)
make build

# Or build individually:
# make build-frontend  # Build frontend assets
# make build-bpf       # Build eBPF programs
# make build-rust      # Build Rust collector

Usage Examples

Advanced Monitoring

# Combined SSL and process monitoring with web interface
sudo ./agentsight trace --ssl --process --server

# Custom port and log file
sudo ./agentsight record -c "python" --server-port 8080 --log-file /tmp/agent.log

NVM Node.js Applications

For Node.js installed via NVM, use the --binary-path option:

# Monitor Node.js applications with statically-linked SSL
sudo ./agentsight ssl --binary-path ~/.nvm/versions/node/v20.0.0/bin/node --comm node

# Record with custom binary path
sudo ./agentsight record -c node -- --binary-path ~/.nvm/versions/node/v20.0.0/bin/node

Direct eBPF Program Usage

# Run eBPF programs directly for development/testing
sudo ./bpf/sslsniff --binary-path ~/.nvm/versions/node/v20.0.0/bin/node --verbose
sudo ./bpf/process -c python

Web Interface Access

All monitoring commands with --server flag provide web visualization at:

❓ Frequently Asked Questions

General

Q: How does AgentSight differ from traditional APM tools? A: AgentSight operates at the kernel level using eBPF, providing system-level monitoring that is independent of application code. Traditional APM requires instrumentation that can be modified or disabled.

Q: What's the performance impact? A: Less than 3% CPU overhead due to optimized eBPF kernel-space data collection.

Q: Can agents detect they're being monitored?
A: Detection is extremely difficult since monitoring occurs at the kernel level without code modification.

Technical

Q: Which Linux distributions are supported? A: Any distribution with kernel 4.1+ (5.0+ recommended). Tested on Ubuntu 20.04+, CentOS 8+, RHEL 8+.

Q: Can I monitor multiple agents simultaneously?
A: Yes, use combined monitoring modes for concurrent multi-agent observation with correlation.

Q: How do I filter sensitive data?
A: Built-in analyzers can remove authentication headers and filter specific content patterns.

Q: Why doesn't AgentSight capture traffic from my NVM Node.js application? A: NVM Node.js binaries statically link OpenSSL instead of using system libraries. See the "NVM Node.js Applications" section for --binary-path usage examples.

Troubleshooting

Q: "Permission denied" errors
A: Ensure you're running with sudo or have CAP_BPF and CAP_SYS_ADMIN capabilities.

Q: "Failed to load eBPF program" errors A: Verify kernel version meets requirements (see Prerequisites). Update vmlinux.h for your architecture if needed.

🀝 Contributing

We welcome contributions! After cloning and building (see Installation above), you can:

# Run tests
make test

# Frontend development server
cd frontend && npm run dev

# Build debug versions with AddressSanitizer
make -C bpf debug

Key Resources

πŸ“„ License

MIT License - see LICENSE for details.


πŸ’‘ The Future of AI Observability: As AI agents become more autonomous and capable of self-modification, traditional observability approaches become insufficient. AgentSight provides independent, system-level monitoring for safe AI deployment at scale.

About

🐳 DOCKER AGENT OOM PROOF. Persist tool results through crashes. Robust agent containerization. πŸ›‘οΈ

Topics

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages

  • C 95.3%
  • Rust 2.2%
  • Python 1.4%
  • TypeScript 0.9%
  • Shell 0.1%
  • Makefile 0.1%