API Traffic Viewer

for

A simple-yet-powerful API traffic viewer for Kubernetes enabling you to view all API communication between microservices to help you debug and troubleshoot regressions.

Think TCPDump and Chrome Dev Tools combined.

Download from GitHub

is a standalone tool (written in Golang) that you can download and run

MAC

LINUX

Download

curl -Lo mizu https://github.com/up9inc/mizu/releases/latest/download/mizu_darwin_amd64 && chmod 755 mizu Copy Icon

Run

mizu tap <podname> Copy Icon

Notes

You should have kubectl configured to run against your Kubernetes cluster.
For file checksum and more downloads please see our Github Releases page

Simple and powerful CLI

Real time view of all HTTP requests, REST and gRPC API calls

No installation or code instrumentation

Works completely on premises (on-prem)

To see

standalone UI, point your browser to

http://localhost:8899/mizu

Example

Assuming this is my list of running pods:

View traffic of a specific pod, identified by the pod name:

mizu tap catalogue-b87b45784-sxc8q Copy Icon

View traffic of several pods, identified by a regular expression:

mizu tap "(catalo*|front-end*)" Copy Icon

The above command will observe the traffic of the following pods as their names match the regular expression:

catalogue-6676dc489b-6tx9h
catalogue-db-69bd898747-7p8rq
front-end-946fd755f-8t6gp

View all API traffic

mizu tap ".*" Copy Icon

View all API traffic in pods that belong to a certain namespace

mizu tap ".*" -n sock-shop Copy Icon

Security

When Mizu taps data that could be considered sensitive (e.g. PII data) you can make sure certain keywords or pieces of data will not be shown or stored anywhere.

Mizu will redact by default any of the fields included in the personallyIdentifiableDataFields var located in the consts.go file in this folder:
https://github.com/up9inc/mizu/blob/develop/agent/pkg/sensitiveDataFiltering

var personallyIdentifiableDataFields = []string{"token", "authorization", "authentication", "cookie", "userid", "password", "username", "user", "key", "passcode", "pass", "auth", "authtoken", "jwt", "bearer", "clientid", "clientsecret", "redirecturi", "phonenumber", "zip", "zipcode", "address", "country", "firstname", "lastname", "middlename", "fname", "lname", "birthdate"} Copy Icon

Changing the default list of keywords

To remove or add keywords to the default list of redacted keywords, simply change the file and build the code with the altered file.

Redact sensitive data using regular expressions

You can filter free text from the body of messages with text/plain content-type with -r

Examples:

./mizu tap ".*" -r <regex> Copy Icon

Use multiple -r to simultaneously filter multiple patterns:

mizu tap catalo -r "redact this pattern" -r "and also this (.*) pattern" Copy Icon