diff --git a/observation/src/filesnoop/filesnoop.bpf.c b/observation/src/filesnoop/filesnoop.bpf.c
index cfce8645ea0fd15d25348242abfd9c3f4d235291..2d79190d026ab582748fb7690d7c9f2a80d3e580 100644
--- a/observation/src/filesnoop/filesnoop.bpf.c
+++ b/observation/src/filesnoop/filesnoop.bpf.c
@@ -52,3 +52,17 @@ struct {
 __type(key, pid_t);
 __type(value, struct print_value);
 } prints SEC(".maps");
+
+/* Filter filename */
+static __always_inline bool filename_matched(const char *filename)
+{
+ if (!filter_filename)
+ return true;
+
+ for (int i = 0; i < target_filename_sz && i < FSFILENAME_MAX ; i++) {
+ if (filename[i] != target_filename[i])
+ return false;
+ }
+
+ return true;
+}
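Review bot: The loop in `filename_matched()` stops after `target_filename_sz` bytes, so unless that size counts the terminating NUL (it is defined outside this hunk) the filter is a prefix match, and a target of `passwd` would also pass `passwd.bak`. It also returns true for every name when `filter_filename` is set but `target_filename_sz` is 0, which silently turns the filter off. The comment `/* Filter filename */` states neither; I would replace it with one saying that the function returns true when filtering is disabled or when the first `target_filename_sz` bytes (capped at `FSFILENAME_MAX`) of `filename` equal `target_filename`, and whether a prefix match is intended. The same comment should record that `filename` is indexed directly and therefore presumably has to be a buffer of at least `FSFILENAME_MAX` bytes already copied into BPF-readable memory by the caller, which is not visible here.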