https://github.com/hengyoush/kyanos Skip to content Navigation Menu Toggle navigation Sign in * Product + GitHub Copilot Write better code with AI + Security Find and fix vulnerabilities + Actions Automate any workflow + Codespaces Instant dev environments + Issues Plan and track work + Code Review Manage code changes + Discussions Collaborate outside of code + Code Search Find more, search less Explore + All features + Documentation + GitHub Skills + Blog * Solutions By company size + Enterprises + Small and medium teams + Startups By use case + DevSecOps + DevOps + CI/CD + View all use cases By industry + Healthcare + Financial services + Manufacturing + Government + View all industries View all solutions * Resources Topics + AI + DevOps + Security + Software Development + View all Explore + Learning Pathways + White papers, Ebooks, Webinars + Customer Stories + Partners * Open Source + GitHub Sponsors Fund open source developers + The ReadME Project GitHub community articles Repositories + Topics + Trending + Collections * Enterprise + Enterprise platform AI-powered developer platform Available add-ons + Advanced Security Enterprise-grade security features + GitHub Copilot Enterprise-grade AI features + Premium Support Enterprise-grade 24/7 support * Pricing Search or jump to... Search code, repositories, users, issues, pull requests... Search [ ] Clear Search syntax tips Provide feedback We read every piece of feedback, and take your input very seriously. [ ] [ ] Include my email address so I can be contacted Cancel Submit feedback Saved searches Use saved searches to filter your results more quickly Name [ ] Query [ ] To see all available qualifiers, see our documentation. Cancel Create saved search Sign in Sign up Reseting focus You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session. Dismiss alert {{ message }} hengyoush / kyanos Public * Notifications You must be signed in to change notification settings * Fork 11 * Star 592 Visualize the time packets spend in the kernel, watch & analyze in command line. kyanos.io License Apache-2.0 license 592 stars 11 forks Branches Tags Activity Star Notifications You must be signed in to change notification settings * Code * Issues 8 * Pull requests 5 * Discussions * Actions * Projects 0 * Security * Insights Additional navigation options * Code * Issues * Pull requests * Discussions * Actions * Projects * Security * Insights hengyoush/kyanos main BranchesTags [ ] Go to file Code Folders and files Last commit Last Name Name message commit date Latest commit History 416 Commits .github .github agent agent bpf bpf bpftool @ 744e0cd bpftool @ 744e0cd cmd cmd common common docs docs libbpf @ e055420 libbpf @ e055420 monitor monitor testdata testdata utils utils vmlinux vmlinux .gitignore .gitignore .gitmodules .gitmodules .goreleaser.yaml .goreleaser.yaml CODE_OF_CONDUCT.md CODE_OF_CONDUCT.md LICENSE LICENSE Makefile Makefile README.md README.md README_CN.md README_CN.md btfgen.sh btfgen.sh build.sh build.sh check.sh check.sh go.mod go.mod go.sum go.sum main.go main.go package-lock.json package-lock.json package.json package.json renovate.json renovate.json validate-commit-msg.js validate-commit-msg.js View all files Repository files navigation * README * Code of conduct * Apache-2.0 license kyanos GitHub last commit GitHub release Test [kyanos-dem] Jian Ti Zhong Wen | English * English Document Table of Contents * What is kyanos * Examples * Requirements * How to get kyanos * Documentation * Usage * Feedback and Contributions * Contacts What is kyanos Kyanos is an eBPF-based network issue analysis tool that enables you to capture network requests, such as HTTP, Redis, and MySQL requests. It also helps you analyze abnormal network issues and quickly troubleshooting without the complex steps of packet capturing, downloading, and analysis. 1. Powerful Traffic Filtering: Not only can filter based on traditional IP/port information, can also filter by process/ container, L7 protocol information, request/response byte size, latency, and more. # Filter by pid ./kyanos watch --pids 1234 # Filter by container id ./kyanos watch --container-id abc # Filter by Redis key ./kyanos watch redis --keys my-key1,my-key2 # Filter by response byte size ./kyanos watch --resp-size 10000 2. Advanced Analysis Capabilities : Unlike tcpdump, which only provides fine-grained packet capture, Kyanos supports aggregating captured packet metrics across various dimensions, quickly providing the critical data most useful for troubleshooting. Imagine if the bandwidth of your HTTP service is suddenly maxed out--how would you quickly analyze which IPs and which requests are causing it? With Kyanos, you just need one command: kyanos stat http --bigresp to find the largest response byte sizes sent to remote IPs and view specific data on request and response metrics. kyanos find big response 3. In-Depth Kernel-Level Latency Details: In real-world, slow queries to remote services like Redis can be challenging to diagnose precisely. Kyanos provides kernel trace points from the arrival of requests/responses at the network card to the kernel socket buffer, displaying these details in a visual format. This allows you to identify exactly which stage is causing delays. kyanos time detail 4. Lightweight and Dependency-Free: Almost zero dependencies--just a single binary file and one command, with all results displayed in the command line. 5. Automatic SSL Traffic Decryption : All captured requests and responses are presented in plaintext. Examples Capture HTTP Traffic with Latency Details Run the command: ./kyanos watch http The result is as follows: kyanos quick start watch http Capture Redis Traffic with Latency Details Run the command: ./kyanos watch redis The result is as follows: kyanos quick start watch redis Identify the Slowest Requests in the Last 5 Seconds Run the command: ./kyanos stat --slow --time 5 The result is as follows: kyanos stat slow Requirements Kyanos currently supports kernel versions 3.10(from 3.10.0-957) and 4.14 or above (with plans to support versions between 4.7 and 4.14 in the future). You can check your kernel version using uname -r. How to get kyanos You can download a statically linked binary compatible with x86_64 and arm64 architectures from the release page: tar xvf kyanos_vx.x.x_linux_x86.tar.gz Then, run: kyanos watch If the following table appears: kyanos quick start success Congratulations! Kyanos has started successfully. Documentation English Document [?] Usage The simplest usage captures all protocols currently supported by Kyanos: ./kyanos watch Each request-response record is stored as a row in a table, with each column capturing basic information about that request. You can use the arrow keys or j/k to move up and down through the records: kyanos watch result Press Enter to access the details view: kyanos watch result detail In the details view, the first section shows Latency Details. Each block represents a "node" that the data packet passes through, such as the process, network card, and socket buffer. Each block includes a time value indicating the time elapsed from the previous node to this node, showing the process flow from the process sending the request to the network card, to the response being copied to the socket buffer, and finally read by the process, with each step's duration displayed. The second section provides Detailed Request and Response Content, split into Request and Response parts, and truncates content over 1024 bytes. For targeted traffic capture, such as HTTP traffic: ./kyanos watch http You can narrow it further to capture traffic for a specific HTTP path: ./kyanos watch http --path /abc Learn more: Kyanos Docs Feedback and Contributions Important If you encounter any issues or bugs while using the tool, please feel free to ask questions in the issue tracker. [?] Contacts For more detailed inquiries, you can use the following contact methods: * My Email: hengyoush1@163.com * My Blog: http://blog.deadlock.cloud Back to top About Visualize the time packets spend in the kernel, watch & analyze in command line. kyanos.io Topics tcp network sniffer capture command-line-tool ebpf tcpdump bpf tcpdump-like Resources Readme License Apache-2.0 license Code of conduct Code of conduct Activity Stars 592 stars Watchers 3 watching Forks 11 forks Report repository Releases 8 v1.4.0 Latest Nov 15, 2024 + 7 releases Contributors 2 * * Languages * C 97.3% * Go 2.6% * Other 0.1% Footer (c) 2024 GitHub, Inc. Footer navigation * Terms * Privacy * Security * Status * Docs * Contact * Manage cookies * Do not share my personal information You can't perform that action at this time.