Observability

Identity-aware L3/L4/DNS Network Flow Logs

Holistic view of your network traffic

How can you trace traffic to a specific workload in a complex environment?

Traditional network flow logs often lack the necessary level of detail and context needed to monitor and troubleshoot network issues in complex environments making it difficult to trace traffic back to specific workloads. This makes debugging difficult and time-consuming and makes it challenging to identify the source and scope of security incidents.

Audit Bee

Real time visibility for Network Flows

By providing real-time visibility into network flows with enhanced metadata, including identity-based information about Kubernetes workloads, Cilium simplifies the process of monitoring and troubleshooting network traffic in Kubernetes clusters. This makes it easier to trace traffic back to specific workloads, simplifying the process of monitoring, troubleshooting, and addressing network issues, and enabling operators to quickly identify and respond to security incidents.

Kubernetes-aware Network Flow Logs

Cilium enhances network flow logs with additional information about the identity of the Kubernetes workloads generating or receiving the traffic. This identity information is based on the Kubernetes labels and annotations assigned to the workloads, as well as any other metadata that can be retrieved from the Kubernetes API server.

cilium metrics and tracing with grafana illustration

Who’s using Cilium’s for Network Flow logs?

  • Observability for a highly available multi cluster environment with Hubble

    Perhaps the most important feature from Hubble UI is the network flow itself. If you look deeper into the flow you’ll see full deep rich information about every single packet traversed between different services. And that’s important so that we can build understanding of how traffic is flung between services.

    Ahmed Bebars - Software engineer, The New York Times

    Watch The Talk

  • Building Data Sandboxes at Bloomberg

    “We definitely love Hubble, provides us with a lot of observability which is very helpful not only to have that application and network visibility as we’re looking into what’s happening in our client cluster but we’ve also found out that this is a really beneficial learning tool for people in our team that are new to Cilium or new to the team to able to see the network flows to see what’s happening to trafiic as it is coming in and out of our workloads has been a really powerful way to visualize how things work together”

    Anne Zepecki & Sritej Attaluri - Bloomberg

    Watch The TalkRead The Case Study

Want to Learn More?

Join the Cilium Slack

Cilium is an open source project that anyone in the community can use, improve, and enjoy. We'd love you to join us on Slack! Find out what's happening and get involved.

Join the Slack

Read the Documentation

Cilium has extensive documentation that covers its features and use cases. The docs also features tutorials for common user stories.

Read the Docs

Get Help

Get help with Cilium through Slack, Github, training, support, and FAQs. The community can also help you tell or promote your story around Cilium.

Get Help