Show HN: Linnix – eBPF observability that predicts failures before they happen

Show HN: Linnix – eBPF observability that predicts failures before they happen I kept missing incidents until it was too late. By the time my monitoring alerted me, servers/nodes were already unrecoverable.

So I built Linnix. It watches your Linux systems at the kernel level using eBPF and tries to catch problems before they cascade into outages.

The idea is simple: instead of alerting you after your server runs out of memory, it notices when memory allocation patterns look weird and tells you "hey, this looks bad."

It uses a local LLM to spot patterns. Not trying to build AGI here - just pattern matching on process behavior. Turns out LLMs are actually pretty good at this.

Example: it flagged higher memory consumption over a short period and alerted me before it was too late. Turned out to be a memory leak that would've killed the process.

Quick start if you want to try it:

  docker pull ghcr.io/linnix-os/cognitod:latest
  docker-compose up -d

Setup takes about 5 minutes. Everything runs locally - your data doesn't leave your machine.

The main difference from tools like Prometheus: most monitoring parses /proc files. This uses eBPF to get data directly from the kernel. More accurate, way less overhead.

Built it in Rust using the Aya framework. No libbpf, no C - pure Rust all the way down. Makes the kernel interactions less scary.

Current state: - Works on any Linux 5.8+ with BTF - Monitors Docker/Kubernetes containers - Exports to Prometheus - Apache 2.0 license

Still rough around the edges. Actively working on it.

Would love to know: - What kinds of failures do you wish you could catch earlier? - Does this seem useful for your setup?

GitHub: https://github.com/linnix-os/linnix

Happy to answer questions about how it works.