There is nothing more exciting (or nerve-wracking) than sharing something you’ve created with the world.
Over 25 years ago, we started working on Wireshark. For us, it has always been more than just a piece of software — it’s how we met, how we began our careers, and how we learned to solve problems that once seemed insurmountable.
Like many great projects, Wireshark was born out of necessity. Back then, network analyzers were physical machines that were as expensive as a luxury sports car, the size of a carry-on suitcase, and, quite frankly, not very good. One of us was working at a small internet service provider then, and the other was studying computer networks at university. We simply couldn’t afford the tools we needed, so we built one ourselves. Releasing Wireshark not only changed our lives, but it also revolutionized the industry and democratized access to network-level visibility.
Today, Wireshark has over 5 million daily users and has been downloaded more than 160 million times in the last decade alone. It’s humbling to see the global impact it’s had. But even in those early days, we knew that the concepts behind Wireshark could be used for more than just network analysis.
Wireshark’s workflows were built to explore large, complex datasets that are rich in detail and split into small, interconnected units. Its three-pane UI allows users to track the big picture while diving into specifics quickly and intuitively. The “capture” concept makes troubleshooting and sharing seamless, and its versatile filtering system offers incredible precision.
These design principles are not just timeless, they are perfectly applicable to today’s cloud-driven world. Modern cloud-based applications generate overwhelming amounts of data, yet slow, costly log management solutions dominate security investigation and troubleshooting.
Enter Stratoshark.
Today, we are excited to introduce Stratoshark, which applies the proven Wireshark philosophy to a new domain: system calls.
With Stratoshark, you can capture the activity of your Linux machine — including what happens inside containers — and analyze it using the same Wireshark UI you know and love. File I/O, command executions, network activity, interprocess communication? It’s all there. Whether you’re troubleshooting performance issues or investigating security events, Stratoshark provides everything you need in a single capture.
Key features include:
- Familiar 3-pane UI: Navigate the big picture while diving into the details — just like in Wireshark.
- Flexible filtering: Use Wireshark’s versatile filtering system to zero in on the information you need.
- Integrated with Falco: Analyze captures generated by Falco detections to simplify security workflows.
- Customizable displays: As with Wireshark, you can tailor the information to suit your unique use case.
For those who’ve relied on Wireshark for network packet analyses, Stratoshark will feel like home — the same panels, shortcuts, and display filter language. And if you’re new to this way of working, we’re confident that you’ll find the Stratoshark experience as transformative as Wireshark has been for its users.
We might have more gray hair now (or less of it altogether), but working collaboratively on Stratoshark has been just as exhilarating as it was in the early days. We can’t wait for you to try it, and as always, we value your feedback.
Give it a try and let us know what you think. Together, we can take cloud system troubleshooting to the next level.
Sincerely,
Gerald & Loris
P.S. Visit https://stratoshark.org to download Stratoshark and learn more.