The API Traffic Analyzer

for

kubernetes logo

Real-time Kubernetes protocol-level visibility, capturing and monitoring all traffic going in, out and across containers, pods, namespaces, nodes and clusters.

INSTALL NOW
GitHub Stars
9.7K
docker icon
Docker Pulls
9M+
live serversicon
Live Servers
5K+

How to deploy Kubeshark?

number one on shell

Install the CLI using a simple shell script:

sh <(curl -Ls https://kubeshark.co/install)
coping iconcopy icon

Alternatively, you can download the latest release of Kubeshark CLI directly from GitHub

number two on shell

Start capturing Traffic:

kubeshark tap
coping iconcopy icon
ready on shell

Ready

number one on helm

Add the Helm repository and install:

helm repo add kubeshark https://helm.kubeshark.co && \
helm install kubeshark kubeshark/kubeshark
coping iconcopy icon
number two on helm

Enable dashboard access:

kubectl port-forward service/kubeshark-front 8899:80
coping iconcopy icon
number three on helm

Visit local page:

Visit localhost:8899 to view real time streaming traffic

ready on helm

Ready

number one on homebrew

Add the Homebrew repository and install:

brew tap kubeshark/kubeshark && \
brew install kubeshark
coping iconcopy icon
number two on homebrew

Start capturing Traffic:

kubeshark tap
coping iconcopy icon
ready on homebrew

Ready

number one on github

Clone:

git clone https://github.com/kubeshark/kubeshark.git
coping iconcopy icon
number two on github

Build:

cd kubeshark && make
coping iconcopy icon
number thee on github

Start capturing traffic:

./bin/kubeshark__ tap
coping iconcopy icon
ready on github

Ready

network is a Blindspot
Kubernetes Incident Investigation for DFIR teams

Real-time API Investigation & Debugging

  • item icon
    Gain protocol-level visibility into K8s' internal network across all parts of the cluster.
  • item icon
    Refine your investigation using a rich query language.
  • item icon
    Unravel the intricate web of relationships with an identity-aware service map.
Service map, logs and metrics in Grafana, Elastic or Influx

Traffic Recording & Offline Analysis

  • item icon
    Stop holding your breath while waiting for symptoms to appear as you watch.
  • item icon
    Capture the last hour/day/week of selected pods' traffic and create immutable snapshots.
  • item icon
    Conduct your investigation offline at your discretion using Kubeshark's dashboard in conjunction with the rest of your observability stack.
Actionable detection of suspicious network behaviors

Incident Detection & Response

  • item icon
    Detect suspicious network behaviors in real-time.
  • item icon
    Trigger alerts and stream network metrics and schema-free documents to your preferred telemetry or log aggregation application.
  • item icon
    Create custom logic scripts in conjunction with OSI L4/L7 hooks.
Get going in <60 seconds
What are people saying about
Kubeshark Logo
The Must Have Tool for Devops & SREs
Alex Jones from Canonical describes why Kubeshark is a must have tool for Devops and SREs, and provides a brief history of Wireshark and the importance of network analysis.
Understand Traffic Flow in K8s
Kubeshark: Wireshark for KubernetesHarsha Koushik, a security engineer, is using Kubeshark for traffic monitoring and threat modeling while comparing to other tools in the industry.
Kubeshark Filtering Example
KubeShark: 
Wireshark for Kubernetes
Alex Jones from Canonical describes why Kubeshark is a must have tool for Devops and SREs, and provides a brief history of Wireshark and the importance of network analysis.