Logs & Alerts

Kubeshark provides several ways to send log messages and alerts. Some are built in and some require integrations:

  • Console log and error messages
  • Dashboard alerts
  • Slack alerts
  • Send log messages to Elasticsearch
  • Use a webhook to send anything anywhere

Console Log & Error Messages

The console.log helper writes log messages that can be read using the kubeshark console CLI command. The console.error helper sends a message to stderr.

This script example calculates and sends telemetry information once per minute.

var packetCount = 0;
var totalKB = 0;

function onPacketCaptured(info) {
  packetCount++;
  totalKB += info.length / 1000;
}

function logPacketCountTotalBytes() {
  if (packetCount === 0) {
    console.error("Received no packets.");
  }

  console.log("Captured packet count per minute:", packetCount);
  packetCount = 0;
  console.log("Total KB captured per minute:", totalKB);
  totalKB = 0;
}

jobs.schedule("log-packet-count-total-bytes", "0 */1 * * * *", logPacketCountTotalBytes);

When used in conjunction with kubeshark console, you can expect the following console log output:

[Figure: Console Log]

Redirecting the command's standard output (STDOUT) captures only the results of console.log and omits error messages that were sent to stderr.

The following CLI command redirects the console log output to a file.

kubeshark console > /tmp/log.txt

Dashboard Alerts

The Kubeshark dashboard can show alerts using the test.pass and test.fail helpers. The test.pass helper colors a traffic entry green, whereas the test.fail helper colors the traffic entry red. You can, for example, call these helpers from a JavaScript conditional statement that acts as the test criterion.

As an example, use the L7 hook onItemQueried in conjunction with the test.* helpers to detect response code 500 and show alerts in the dashboard:

function onItemQueried(data) {
  if (data.response.status === 500)
    return test.fail(data);
  else
    return test.pass(data);
}

[Figure: Dashboard Alerts]

Read more about the test.* helpers in the helpers section.
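
The console and dashboard techniques above can be combined in one script. The following is an added example, not part of the Kubeshark documentation: it marks each 500 response in the dashboard and, once per minute, writes the count to the console log and an alert to stderr when the 500 ratio exceeds a threshold. The names ERROR_RATIO_THRESHOLD, MIN_SAMPLES, recordStatus, closeWindow and reportErrorRate, and the threshold values, are assumptions.

```javascript
// Assumed thresholds (not from the Kubeshark docs); tune for your traffic.
var ERROR_RATIO_THRESHOLD = 0.05; // alert when more than 5% of responses are 500
var MIN_SAMPLES = 20;             // skip windows too small to be meaningful

var total = 0;
var failed = 0;

// Count one response; returns true when the status is 500.
function recordStatus(status) {
  total++;
  if (status === 500) {
    failed++;
    return true;
  }
  return false;
}

// Summarise the current window, reset the counters, decide whether to alert.
function closeWindow() {
  var ratio = total === 0 ? 0 : failed / total;
  var summary = {
    total: total,
    failed: failed,
    ratio: ratio,
    alert: total >= MIN_SAMPLES && ratio > ERROR_RATIO_THRESHOLD
  };
  total = 0;
  failed = 0;
  return summary;
}

// L7 hook from the page: color the entry in the dashboard and feed the counters.
function onItemQueried(data) {
  return recordStatus(data.response.status) ? test.fail(data) : test.pass(data);
}

// Scheduled job: routine figures go to the console log, the alert goes to stderr.
function reportErrorRate() {
  var s = closeWindow();
  console.log("Responses per minute:", s.total);
  console.log("500 responses per minute:", s.failed);
  if (s.alert) {
    console.error("HTTP 500 ratio above threshold: " + s.ratio.toFixed(3));
  }
}

// jobs exists only in the Kubeshark script runtime; the guard lets the file load elsewhere.
if (typeof jobs !== "undefined") {
  jobs.schedule("report-error-rate", "0 */1 * * * *", reportErrorRate);
}
```

Because the alert is written with console.error, it does not appear in a file produced by redirecting only STDOUT, as described in the console section above.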

Slack Alerts

Use the Slack helper to send Slack alerts.

Read more in the Slack integration section.

Send Logs to Elasticsearch

Use the Elasticsearch helper to send schema-free JSON documents to Elasticsearch.

Read more in the Elastic integration section.

Webhooks

The Webhook helper enables you to send any payload to any destination that supports webhooks.

Read more in the Webhook integration section.