Sysdig recently presented at Cloud Field Day, and we were fortunate to have Ned Bellavance around the table as a delegate. Sysdig was founded by the co-author of Wireshark on the idea that packet capture on the wire is dead. Sysdig instead aims to capture all traffic information from containers for analysis. They do this with a lightweight container on each host that can access an extended Berkeley Packet Filter (eBPF) running in the kernel. Ned found this a compelling architecture for the monitoring challenges that cloud-native applications introduce.