EDR Sensor: Is the kernel-devel package essential when installing with eBPF?
Article ID: 290489
Updated On:
Products
Carbon Black EDR (formerly Cb Response)
Issue/Introduction
When installing with eBPF, is the kernel-devel package essential?
Environment
- EDR Sensor: 7.x
- RedHat/CentOS: 8.x and Above
- SUSE: 12 and 15
- Ubuntu: 18.04 and 20.04
Resolution
Yes kernel-devel is required for any eBPF program. It is needed to create the BPF hooks.
Feedback
Yes
No
Powered by
