Logo

API Traffic Viewer

for

 
Kubernetes

A simple-yet-powerful API traffic viewer for Kubernetes enabling you to view all API communication between microservices to help you debug and troubleshoot regressions.

Think TCPDump and Chrome Dev Tools combined.

GithubMizu release
Mizu is a standalone tool (written in Golang) that you can download and run
MAC (Intel)
MAC (Apple M1 silicon)
LINUX
WINDOWS (Intel 64bit)

Download

Copy Icon

Run

mizu tap <podname>
Copy Icon

Notes

  • You should have kubectl configured to run against your Kubernetes cluster.
  • For file checksum and more downloads please see our Github Releases page
  • For more downloads please see our Github Releases page Github Releases page
Simple and powerful CLI
Real time view of all HTTP requests, REST and gRPC API calls
No installation or code instrumentation
Works completely on premises (on-prem)
GithubMizu release
To see Mizu standalone UI, point your browser to
http://localhost:8899/mizu
Standalone IMG

Example

Assuming this is my list of running pods:
Example IMG

View traffic of a specific pod, identified by the pod name:

mizu tap catalogue-b87b45784-sxc8q
Copy Icon

View traffic of several pods, identified by a regular expression:

mizu tap "(catalo*|front-end*)"
Copy Icon
The above command will observe the traffic of the following pods as their names match the regular expression:
  • catalogue-6676dc489b-6tx9h
  • catalogue-db-69bd898747-7p8rq
  • front-end-946fd755f-8t6gp

View all API traffic

mizu tap ".*"
Copy Icon

View all API traffic in pods that belong to a certain namespace

mizu tap ".*" -n sock-shop
Copy Icon

Security

When Mizu taps data that could be considered sensitive (e.g. PII data) you can make sure certain keywords or pieces of data will not be shown or stored anywhere.


Mizu will redact by default any of the fields included in the personallyIdentifiableDataFields var located in the consts.go file in this folder:
https://github.com/up9inc/mizu/blob/main/tap/extensions/http/sensitive_data_cleaner.go

var personallyIdentifiableDataFields = []string{"token", "authorization", "authentication", "cookie", "userid", "password", "username", "user", "key", "passcode", "pass", "auth", "authtoken", "jwt", "bearer", "clientid", "clientsecret", "redirecturi", "phonenumber", "zip", "zipcode", "address", "country", "firstname", "lastname", "middlename", "fname", "lname", "birthdate"}
Copy Icon

Changing the default list of keywords

To remove or add keywords to the default list of redacted keywords, simply change the file and build the code with the altered file.

Redact sensitive data using regular expressions

You can filter free text from the body of messages with text/plain content-type with -r

Examples:

./mizu tap ".*" -r <regex>
Copy Icon

Use multiple -r to simultaneously filter multiple patterns:

mizu tap catalo -r "redact this pattern" -r "and also this (.*) pattern"
Copy Icon
Github IconSlack IconTwitter Icon
Built and maintained by UP9 © (2022)