diff --git a/falco.yaml b/falco.yaml
index 9b274106..4a1dfd17 100644
--- a/falco.yaml
+++ b/falco.yaml
@@ -632,7 +632,7 @@ base_syscalls:
 # Emit kernel side event and drop counters, compare to `syscall_event_drops`,
 # however this option reflects monotonic counters since Falco start,
 # exported at a constant stats interval and therefore can be regarded as an alternative.
-# kernel event conters are prefixed with `n_` e.g. `n_evts`, `n_drops`, `n_drops_buffer_total` ...
+# kernel event counters are prefixed with `n_` e.g. `n_evts`, `n_drops`, `n_drops_buffer_total` ...
 #
 # `libbpf_stats_enabled`:
 # Exposes `bpftool prog show` like stats, e.g. number of invocations
diff --git a/userspace/falco/stats_writer.cpp b/userspace/falco/stats_writer.cpp
index b10533bb..193c80d9 100644
--- a/userspace/falco/stats_writer.cpp
+++ b/userspace/falco/stats_writer.cpp
@@ -168,6 +168,7 @@ std::map stats_writer::collector::get_metrics_output_f
 output_fields["evt.time"] = std::to_string(now); /* Some ETLs may prefer a consistent timestamp within output_fields. */
 output_fields["falco_version"] = FALCO_VERSION;
 output_fields["falco_start_ts"] = std::to_string(agent_info->start_ts_epoch);
+ output_fields["falco_duration_sec"] = std::to_string((now - agent_info->start_ts_epoch) / ONE_SECOND_IN_NS);
 output_fields["kernel_release"] = agent_info->uname_r;
 output_fields["host_boot_ts"] = std::to_string(machine_info->boot_ts_epoch);
 output_fields["hostname"] = machine_info->hostname; /* Explicitly add hostname to log msg in case hostname rule output field is disabled. */
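Review bot: The subtraction in the added `falco_duration_sec` line is unguarded, so if `now` and `agent_info->start_ts_epoch` are unsigned wall-clock nanosecond values (their declarations are outside the hunk, so this is an assumption) a backward clock step makes `now - agent_info->start_ts_epoch` wrap and the field reports an enormous uptime. Consumers that use this field to spot an unexpected restart of the sensor would then be misled at exactly the moment the host clock was changed. Clamping keeps the value sane: `output_fields["falco_duration_sec"] = std::to_string(now > agent_info->start_ts_epoch ? (now - agent_info->start_ts_epoch) / ONE_SECOND_IN_NS : 0);`. A short comment noting that the duration is derived from the wall clock rather than a monotonic source would also help; the enclosing function starts and ends outside the hunk.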