Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/kubeshark/kubeshark

The API traffic analyzer for Kubernetes providing real-time K8s protocol-level visibility, capturing and monitoring all traffic and payloads going in, out and across containers, pods, nodes and clusters. Inspired by Wireshark, purposely built for Kubernetes

amqp cloud-native devops devops-tools docker forensics go golang grpc incident-response kafka kubernetes microservice microservices microservices-application observability redis rest sniffer wireshark

Last synced: 2 days ago


README

Kubeshark: Traffic analyzer for Kubernetes.



Want to see Kubeshark in action right now? Visit this live demo deployment of Kubeshark.

**Kubeshark** is a network observability platform for [**Kubernetes**](https://kubernetes.io/), providing real-time, protocol-level visibility into Kubernetes’ network. It enables users to inspect all internal and external cluster connections, API calls, and data in transit. Additionally, Kubeshark detects suspicious network behaviors, triggers automated actions, and provides deep insights into the network.

![Simple UI](https://github.com/kubeshark/assets/raw/master/png/kubeshark-ui.png)

Think [TCPDump](https://en.wikipedia.org/wiki/Tcpdump) and [Wireshark](https://www.wireshark.org/) reimagined for Kubernetes.

## Getting Started
Download the [latest release](https://github.com/kubeshark/kubeshark/releases/latest) of **Kubeshark**'s binary distribution, or use one of the following methods to deploy **Kubeshark**. The [web-based dashboard](https://docs.kubeshark.co/en/ui) should open in your browser, showing a real-time view of your cluster's traffic.

### Homebrew

[Homebrew](https://brew.sh/) :beer: users can install the Kubeshark CLI with:

```shell
brew install kubeshark
kubeshark tap
```

To clean up:
```shell
kubeshark clean
```

### Helm

Add the Helm repository and install the chart:

```shell
helm repo add kubeshark https://helm.kubeshark.co
helm install kubeshark kubeshark/kubeshark
```

Follow the on-screen instructions to connect to the dashboard.

To clean up:
```shell
helm uninstall kubeshark
```

## Building From Source

Clone this repository and run the `make` command to build it. After the build is complete, the executable can be found at `./bin/kubeshark`.

## Documentation

To learn more, read the [documentation](https://docs.kubeshark.co).

## Additional Use Cases

### Dump All Cluster-wide Traffic into a Single PCAP File

Record **all** cluster traffic and consolidate it into a single PCAP file (tcpdump-style).

Run Kubeshark to start capturing traffic:
```shell
kubeshark tap --set headless=true
```
> You can press `^C` to stop the command. Kubeshark will continue running in the background.

Take a snapshot of traffic (e.g., from the past 5 minutes):
```shell
kubeshark pcapdump --time 5m
```
> Read more [here](https://docs.kubeshark.co/en/pcapdump).

## Contributing

We :heart: pull requests! See [CONTRIBUTING.md](CONTRIBUTING.md) for the contribution guide.