A high-performance, eBPF-based network traffic analyzer written in Rust.  - GitHub - DavidHavoc/ayaFlow: A high-performance, eBPF-based network traffic analyzer written in Rust.

Hacker News is a community-driven platform for sharing and discussing technology news, startups, and programming-related topics. Through user submissions and comments, Hacker News offers insights into emerging technology trends, industry developments, and entrepreneurial ventures. Readers can participate in discussions, share their insights, and stay informed about the latest advancements in technology and innovation.

Hacker News

ayaFlow is an open source, eBPF-based network traffic analyzer written in Rust, built on the Aya framework. It runs as a sidecarless DaemonSet in Kubernetes, attaching TC hooks at both ingress and egress to capture kernel-native packet events with minimal overhead (~33 MB RSS). A userspace Tokio agent polls a ring buffer, stores events in SQLite, and exposes a REST API plus Prometheus metrics. Optional deep inspection enables TLS SNI and DNS query extraction. The eBPF program compiles to just 784 bytes and the tool requires Linux kernel 5.8+ with BTF support.