kubeshark - Kubeshark is a network observability platform for Kubernetes, providing real-time, protocol-level visibility into Kubernetes’ network.

Network Intelligence for Kubernetes

Cluster-wide, real-time visibility into every packet, API call, and service interaction.
Replay any moment in time.
Resolve incidents at the speed of LLMs. 100% on-premises.

Kubeshark

Get Started

helm repo add kubeshark https://helm.kubeshark.com
helm install kubeshark kubeshark/kubeshark

Dashboard opens automatically. You're capturing traffic.

With AI — connect your assistant and debug with natural language:

brew install kubeshark
claude mcp add kubeshark -- kubeshark mcp

"Why did checkout fail at 2:15 PM?" "Which services have error rates above 1%?"

MCP setup guide →

Why Kubeshark

Instant root cause — trace requests across services, see exact errors
Zero instrumentation — no code changes, no SDKs, just deploy
Full payload capture — request/response bodies, headers, timing
TLS decryption — see encrypted traffic without managing keys
AI-ready — query traffic with natural language via MCP

Traffic Analysis and API Dissection

Capture and inspect every API call across your cluster—HTTP, gRPC, Redis, Kafka, DNS, and more. Request/response matching with full payloads, parsed according to protocol specifications. Headers, timing, and complete context. Zero instrumentation required.

API context

Learn more →

L4/L7 Workload Map

Visualize how your services communicate. See dependencies, traffic flow, and identify anomalies at a glance.

Service Map

Learn more →

AI-Powered Root Cause Analysis

Resolve production issues in minutes instead of hours. Connect your AI assistant and investigate incidents using natural language. Build network-aware AI agents for forensics, monitoring, compliance, and security.

"Why did checkout fail at 2:15 PM?" "Which services have error rates above 1%?" "Trace request abc123 through all services"

Works with Claude Code, Cursor, and any MCP-compatible AI.

MCP setup guide →

Traffic Retention

Retain every packet. Take snapshots. Export PCAP files. Replay any moment in time.

Traffic Retention

Snapshots guide →

Features

Feature	Description
Raw Capture	Continuous cluster-wide packet capture with minimal overhead
Traffic Snapshots	Point-in-time snapshots, export as PCAP for Wireshark
L7 API Dissection	Request/response matching with full payloads and protocol parsing
Protocol Support	HTTP, gRPC, GraphQL, Redis, Kafka, DNS, and more
TLS Decryption	eBPF-based decryption without key management
AI-Powered Analysis	Query traffic with Claude, Cursor, or any MCP-compatible AI
Display Filters	Wireshark-inspired display filters for precise traffic analysis
100% On-Premises	Air-gapped support, no external dependencies

Install

Method	Command
Helm	`helm repo add kubeshark https://helm.kubeshark.com && helm install kubeshark kubeshark/kubeshark`
Homebrew	`brew install kubeshark && kubeshark tap`
Binary	Download

Installation guide →

Contributing

We welcome contributions. See CONTRIBUTING.md.

License

Apache-2.0