{"id":24743466,"url":"https://github.com/siemens/edgeshark","last_synced_at":"2025-06-18T21:11:38.783Z","repository":{"id":177228367,"uuid":"656753586","full_name":"siemens/edgeshark","owner":"siemens","description":"Discover and capture container network traffic from your comfy desktop Wireshark, using a containerized service and a Wireshark plugin.","archived":false,"fork":false,"pushed_at":"2024-09-27T17:46:33.000Z","size":4990,"stargazers_count":327,"open_issues_count":0,"forks_count":8,"subscribers_count":8,"default_branch":"main","last_synced_at":"2025-01-20T01:17:12.980Z","etag":null,"topics":["containerd","cri-o","docker","industrial-automation","wireshark","wireshark-plugin"],"latest_commit_sha":null,"homepage":"https://edgeshark.siemens.io/","language":"Markdown","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/siemens.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-06-21T15:07:45.000Z","updated_at":"2025-01-15T23:30:56.000Z","dependencies_parsed_at":"2023-11-10T14:43:50.611Z","dependency_job_id":"973e2208-d151-4059-b0a0-9c47ae9e22fd","html_url":"https://github.com/siemens/edgeshark","commit_stats":null,"previous_names":["siemens/edgeshark"],"tags_count":15,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siemens%2Fedgeshark","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siemens%2Fedgeshark/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siemens%2Fedgeshark/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/siemens%2Fedgeshark/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/siemens","download_url":"https://codeload.github.com/siemens/edgeshark/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":235949924,"owners_count":19071095,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["containerd","cri-o","docker","industrial-automation","wireshark","wireshark-plugin"],"created_at":"2025-01-28T01:36:11.966Z","updated_at":"2025-01-28T01:36:15.264Z","avatar_url":"https://github.com/siemens.png","language":"Markdown","funding_links":[],"categories":["Educational Aides"],"sub_categories":[],"readme":"\u003cimg alt=\"Edgeshark logo\" align=\"right\" width=\"100\" height=\"100\" src=\"icons/edgeshark/petrolshark-192x192.png\" style=\"padding: 0 0 1ex 0.8em\"\u003e\n\n[![Siemens](https://img.shields.io/badge/github-siemens-009999?logo=github)](https://github.com/siemens)\n[![Industrial Edge](https://img.shields.io/badge/github-industrial%20edge-e39537?logo=github)](https://github.com/industrial-edge)\n[![Edgeshark](https://img.shields.io/badge/github-Edgeshark-003751?logo=github)](https://github.com/siemens/edgeshark)\n\n# Edgeshark\n\n[![Manual](https://img.shields.io/badge/Edgeshark-manual-blue)](https://siemens.github.io/edgeshark)\n\n\u003e [!IMPORTANT]  \n\u003e Wireshark 4.4.0 is not supported as it breaks extcaps such as Edgeshark.\n\u003e Wireshark 4.4.1 scheduled for Oct 9th 2024 will contain two fixes so that this\n\u003e extcap plugin will be able to correctly work again.\n\n...or watch the recording of the **Edgeshark class at SharkFest 2023** in Brussels, with quick start, Docker networking, the Edgeshark architecture, below the surface of Docker Desktop, and more:\n\n[![Edgeshark - The Movie (SharkFest 2023)](https://github.com/siemens/edgeshark/assets/6920158/da5001de-ff31-483f-afdc-14473f323abb)](http://www.youtube.com/watch?v=53dUH6cZ9rc \"Live Capture in containers with Edgeshark\")\n\nDiscover the virtual communication of containers in\n([Docker](https://docker.com)) container hosts, such as the [Siemens Industrial\nEdge](https://github.com/industrial-edge). And capture container traffic live\nfrom the comfort of your Desktop's [Wireshark](https://wireshark.org) with a\nsimple click. Edgeshark additionally is\n[KinD](https://github.com/kubernetes-sigs/kind)-aware and supports further\ncontainer engines, such as containerd.\n\n[![wiring](images/thumb-wiring.png)](docs/_images/teaser-wiring.png)\n[![communication details](images/thumb-comm-details.png)](docs/_images/teaser-comm-details.png)\n\nLearn more about what Edgeshark has on offer from our [Edgeshark online\nmanual](https://siemens.github.io/edgeshark).\n\n## Quick Start\n\n- plain [Docker Host](#docker-host) with `docker compose` v2\n- plain [Docker Host Without Composer](#docker-host-without-composer) – just Docker and bash.\n- [Siemens Industrial Edge](#siemens-industrial-edge)\n\n### Docker Host\n\nWe provide multi-architecture Docker images for `linux/amd64` and `linux/arm64`.\nFirst, ensure that you have the Docker _compose_ plugin v2 installed. For Debian\nusers it is strongly recommended to install docker-ce instead of docker.io\npackages, as these are updated on a regular basis.\n\nMake sure you have a Linux kernel of at least version 4.11 installed, however we\nhighly recommend at least kernel version 5.6 or later.\n\nTo expose service TCP port 5001 **only on localhost**:\n\n```bash\nwget -q --no-cache -O - \\\n  https://github.com/siemens/edgeshark/raw/main/deployments/wget/docker-compose-localhost.yaml \\\n  | DOCKER_DEFAULT_PLATFORM= docker compose -f - up\n```\n\n\u003e [!WARNING]\n\u003e The following quick start deployments will **expose TCP port 5001** (or 5500)\n\u003e also to clients external to your host. Make sure to have proper network\n\u003e protection in place.\n\nTo expose service TCP port 5001 **to remote clients**:\n\n```bash\nwget -q --no-cache -O - \\\n  https://github.com/siemens/edgeshark/raw/main/deployments/wget/docker-compose.yaml \\\n  | DOCKER_DEFAULT_PLATFORM= docker compose -f - up\n```\n\nTo expose alternate service TCP port 5500 **to remote clients** (download and\nedit to export on a different host port, then deploy using your local composer\nfile):\n\n```bash\nwget -q --no-cache -O - \\\n  https://github.com/siemens/edgeshark/raw/main/deployments/wget/docker-compose-5500.yaml \\\n  | DOCKER_DEFAULT_PLATFORM= docker compose -f - up\n```\n\nFinally, visit http://localhost:5001 and start looking around your container\nhost virtual networking.\n\nIf you want to live capture traffic using Wireshark, please [download the csharg\nextcap plugin](https://github.com/siemens/cshargextcap/releases) for the\nOS/distribution and install it. \n\n### Docker Host Without Composer\n\nAlternatively, a bash script can be used to bring the Edgeshark services up or\ndown, without needing an installed docker compose plugin.\n\n```bash\nwget -q --no-cache -O - \\\n  https://github.com/siemens/edgeshark/raw/main/deployments/nocomposer/edgeshark.sh \\\n  | DOCKER_DEFAULT_PLATFORM= bash -s up\n```\n\n### Siemens Industrial Edge\n\nPlease head over to our\n[releases](https://github.com/siemens/edgeshark/releases) page to download the\nlatest (and greatest) Edgeshark app (amd64 only at this time):\n\n1. download the `edgeshark.zip` file.\n2. unpack the downloaded ZIP archive.\n3. import the `edgeshark.app` file into the catalog of your IEM.\n4. deploy ... and enjoy!\n\nIf you want to live capture traffic using Wireshark, please [download the csharg\nextcap plugin](https://github.com/siemens/cshargextcap/releases) for the\nOS/distribution and install it. Please also check the [cshargextcap installation\ninstructions](https://github.com/siemens/cshargextcap?tab=readme-ov-file#installation),\nespecially for macos users regarding the additional packetflix URL handler\ninstallation.\n\n## Project Structure\n\nThe \"Edgeshark\" project consist of several repositories:\n- 🖝 **Edgeshark Hub repository** 🖜\n- [G(h)ostwire discovery service](https://github.com/siemens/ghostwire)\n- [Packetflix packet streaming service](https://github.com/siemens/packetflix)\n- [Containershark Extcap plugin for\n  Wireshark](https://github.com/siemens/cshargextcap)\n- support modules:\n  - [turtlefinder](https://github.com/siemens/turtlefinder)\n  - [csharg (CLI)](https://github.com/siemens/csharg)\n  - [mobydig](https://github.com/siemens/mobydig)\n  - [ieddata](https://github.com/siemens/ieddata)\n\n## Working on the Manual\n\nThe Edgeshark manual uses [docsify](https://docsify.js.org/) so there is no need\nfor processing the documentation files first. Instead, they can be directly\ncopied one-to-one to a place from where they can be served as-is, such as the\n[Edgeshark live manual on github.com](https://siemens.github.io/edgeshark).\n\nWhen working on the documentation, simply serve the manual artifacts as-is in\norder to see an automatically updating live \"preview\" (which actually is quite\n\"what you see is what you get\" in this case):\n\n```bash\nmake docsify\n```\n\nWhen updating or adding icons in `icons/_media/icons`, make sure to optimize and\nsync them to `docs/_media/icons`:\n\n```bash\nsudo npm -g install svgo\nmake icons\n```\n\n**Do not edit** the icons in `docs/_media/icons`; edit only the \"source\" icons\nin `icons/_media/icons`.\n\n# Contributing\n\nPlease see [CONTRIBUTING.md](CONTRIBUTING.md).\n\n## License and Copyright\n\n(c) Siemens AG 2023, 2024\n\n[SPDX-License-Identifier: MIT](LICENSE)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiemens%2Fedgeshark","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsiemens%2Fedgeshark","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsiemens%2Fedgeshark/lists"}