diff --git a/examples/hello_world.py b/examples/hello_world.py
new file mode 100755
index 000000000000..39dc85c975e3
--- /dev/null
+++ b/examples/hello_world.py
@@ -0,0 +1,23 @@
+#!/usr/bin/env python
+# Copyright (c) PLUMgrid, Inc.
+# Licensed under the Apache License, Version 2.0 (the "License")
+
+# run in project directory with:
+# sudo bash -c "PYTHONPATH=$PWD/src LD_LIBRARY_PATH=$PWD/build/src/cc examples/hello_world.py"
+
+from bpf import BPF
+from subprocess import call
+
+prog = """
+#include "src/cc/bpf_helpers.h"
+BPF_EXPORT(hello)
+int hello(void *ctx) {
+  char fmt[] = "Hello, World!\\n";
+  bpf_trace_printk(fmt, sizeof(fmt));
+  return 0;
+};
+"""
+b = BPF(text=prog)
+fn = b.load_func("hello", BPF.KPROBE)
+BPF.attach_kprobe(fn, "sys_clone")
+call(["cat", "/sys/kernel/debug/tracing/trace_pipe"])
diff --git a/src/bpf.py b/src/bpf.py
index 1240643958e7..f141b6178c4f 100644
--- a/src/bpf.py
+++ b/src/bpf.py
@@ -176,7 +176,7 @@ def attach_raw_socket(fn, dev):
         fn.sock = sock
 
     @staticmethod
-    def attach_kprobe(fn, event, pid=-1, cpu=0, group_fd=-1):
+    def attach_kprobe(fn, event, pid=0, cpu=-1, group_fd=-1):
         if not isinstance(fn, BPF.Function):
             raise Exception("arg 1 must be of type BPF.Function")
         ev_name = "p_" + event.replace("+", "_")