hengyoush / kyanos
Kyanos is a networking analysis tool using eBPF. It can visualize the time packets spend in the kernel, capture requests/responses, makes troubleshooting more efficient.
AI Architecture Analysis
This repository is indexed by RepoMind. By analyzing hengyoush/kyanos in our AI interface, you can instantly generate complete architecture diagrams, visualize control flows, and perform automated security audits across the entire codebase.
Our Agentic Context Augmented Generation (Agentic CAG) engine loads full source files into context on-demand, avoiding the fragmentation of traditional RAG systems. Ask questions about the architecture, dependencies, or specific features to see it in action.
Embed this Badge
Showcase RepoMind's analysis directly in your repository's README.
Repository Overview (README excerpt)
Crawler viewkyanos One command to find slowest requests and identify the reasons. 简体中文 | English • English Document Table of Contents • kyanos • Table of Contents • What is kyanos • Examples • ❗ Requirements • 🎯 How to get kyanos • 📝 Documentation • ⚙ Usage • 🏠 How to build • Roadmap • 🤝 Feedback and Contributions • 🙇 Special Thanks • 🗨️ Contacts • Star History What is kyanos Kyanos is an **eBPF-based** network issue analysis tool that enables you to capture network requests, such as HTTP, Redis, and MySQL requests. It also helps you analyze abnormal network issues and quickly troubleshooting without the complex steps of packet capturing, downloading, and analysis. • **Powerful Traffic Filtering**: Not only can filter based on traditional IP/port information, can also filter by process/container, L7 protocol information, request/response byte size, latency, and more. • **Advanced Analysis Capabilities** : Unlike tcpdump, which only provides fine-grained packet capture, Kyanos supports aggregating captured packet metrics across various dimensions, quickly providing the critical data most useful for troubleshooting. Imagine if the bandwidth of your HTTP service is suddenly maxed out—how would you quickly analyze and are causing it? With Kyanos, you just need one command: to find the largest response byte sizes sent to remote IPs and view specific data on request and response metrics. • **In-Depth Kernel-Level Latency Details**: In real-world, slow queries to remote services like Redis can be challenging to diagnose precisely. Kyanos provides kernel trace points from the arrival of requests/responses at the network card to the kernel socket buffer, displaying these details in a visual format. This allows you to identify exactly which stage is causing delays. • **Lightweight and Dependency-Free**: Almost zero dependencies—just a single binary file and one command, with all results displayed in the command line. • **Automatic SSL Traffic Decryption** : All captured requests and responses are presented in plaintext. Examples **Capture HTTP Traffic with Latency Details** Run the command: The result is as follows: **Capture Redis Traffic with Latency Details** Run the command: The result is as follows: **Identify the Slowest Requests in the Last 5 Seconds** Run the command: The result is as follows: ❗ Requirements Kyanos currently supports kernel versions 3.10(from 3.10.0-957) and 4.14 or above (with plans to support versions between 4.7 and 4.14 in the future). > You can check your kernel version using . 🎯 How to get kyanos You can download a statically linked binary compatible with amd64 and arm64 architectures from the release page: Then, run kyanos with **root privilege**: If the following table appears: 🎉 Congratulations! Kyanos has started successfully. 📝 Documentation English Document ⚙ Usage The simplest usage captures all protocols currently supported by Kyanos: Each request-response record is stored as a row in a table, with each column capturing basic information about that request. You can use the arrow keys or to move up and down through the records: Press to access the details view: In the details view, the first section shows **Latency Details**. Each block represents a "node" that the data packet passes through, such as the process, network card, and socket buffer. Each block includes a time value indicating the time elapsed from the previous node to this node, showing the process flow from the process sending the request to the network card, to the response being copied to the socket buffer, and finally read by the process, with each step’s duration displayed. The second section provides **Detailed Request and Response Content**, split into Request and Response parts, and truncates content over 1024 bytes. For targeted traffic capture, such as HTTP traffic: You can narrow it further to capture traffic for a specific HTTP path: Learn more: Kyanos Docs 🏠 How to build 👉 COMPILATION.md Roadmap The Kyanos Roadmap shows the future plans for Kyanos. If you have feature requests or want to prioritize a specific feature, please submit an issue on GitHub. _1.6.0_ • Support for postgresql protocol parsing. • Support for HTTP2 protocol parsing. • Support for DNS protocol parsing. • Support for GnuTLS. 🤝 Feedback and Contributions > [!IMPORTANT] > > If you encounter any issues or bugs while using the tool, please feel free to > ask questions in the issue tracker. 🙇 Special Thanks During the development of kyanos, some code was borrowed from the following projects: • eCapture • pixie • ptcpdump 🗨️ Contacts For more detailed inquiries, you can use the following contact methods: • **My Email:** hengyoush1@163.com • **My Blog:** http://blog.deadlock.cloud Star History Back to top