Deep
Network Observability

for

kubernetes logo

Inspect all internal and external cluster communications, API transactions, and data in transit with cluster-wide monitoring of all traffic going in, out, and across containers, pods, namespaces, nodes, and clusters.

github icon
GitHub Stars
10.7K
docker icon
Docker Pulls
19M
live serversicon
Live Servers
6K

How to deploy Kubeshark?

number one on homebrew

Install:

brew install kubeshark
coping iconcopy icon
number two on homebrew

Start capturing Traffic:

kubeshark tap
coping iconcopy icon
ready on homebrew

Ready

number one on helm

Add the Helm repository and install:

helm repo add kubeshark https://helm.kubeshark.co
helm install kubeshark kubeshark/kubeshark
coping iconcopy icon
number two on helm

Enable dashboard access:

kubectl port-forward service/kubeshark-front 8899:80
coping iconcopy icon
number three on helm

Visit local page:

Visit localhost:8899 to view real time streaming traffic

ready on helm

Ready

number one on shell

Install the CLI using a simple shell script:

sh <(curl -Ls https://kubeshark.co/install)
coping iconcopy icon

Alternatively, you can download the latest release of Kubeshark CLI directly from GitHub

number two on shell

Start capturing Traffic:

kubeshark tap
coping iconcopy icon
ready on shell

Ready

number one on github

Clone:

git clone https://github.com/kubeshark/kubeshark.git
coping iconcopy icon
number two on github

Build:

cd kubeshark && make
coping iconcopy icon
number thee on github

Start capturing traffic:

./bin/kubeshark__ tap
coping iconcopy icon
ready on github

Ready

network is a blind spot
Kubernetes Incident Investigation for DFIR teams

Deep Network Observability

  • item icon
    Gain protocol-level visibility into K8s' internal network across all parts of the cluster.
  • item icon
    Refine your analysis using a rich query language.
  • item icon
    Unravel the intricate web of relationships with an identity-aware service map.
  • item icon
    Analyze pod-to-pod connections and detect network errors.
Service map, logs and metrics in Grafana, Elastic or Influx

Traffic Recording & Offline Analysis

  • item icon
    Stop holding your breath while waiting for symptoms to appear as you watch.
  • item icon
    Capture the last hour/day/week of selected pods' traffic and analyze offline at your discretion.
  • item icon
    Ideal for compliance teams to securely record API transactions for future review.
Actionable detection of suspicious network behaviors

Monitoring & Alerts

  • item icon
    Detect suspicious network behaviors in real-time.
  • item icon
    Trigger alerts and export network metrics and schema-free documents to your preferred telemetry or log aggregation application.
  • item icon
    Create custom logic scripts in conjunction with OSI L4/L7 hooks.
Get going in <60 seconds
What are people saying about
Kubeshark Logo
The Must Have Tool for Devops & SREs
Alex Jones from Canonical describes why Kubeshark is a must have tool for Devops and SREs, and provides a brief history of Wireshark and the importance of network analysis.
Understand Traffic Flow in K8s
Abhishek Veeramalla, a DevOps evangelist, uses Kubeshark in his DevOps course to understand how services handle load balancing, service discovery, and exposing applications to the outside world.
Kubeshark Filtering Example
Kubeshark: 
Wireshark for Kubernetes
Kubeshark: Wireshark for Kubernetes Harsha Koushik, a security engineer, is using Kubeshark for traffic monitoring and threat modeling while comparing to other tools in the industry.
Review
I had a use case to identify all outbound connections made during normal operations of our product (to help clients with whitelisting), and Kubeshark saved me loads of time in the process! I raved about the tool to colleagues as well.
Nathan Chang
Solutions Architecture at Robust Inteligence