Introduction
What is KubeSense?
KubeSense is a full-stack observability platform built for modern infrastructure — Kubernetes, Docker, VMs, serverless, ECS, Lambda, OpenShift, and on-prem deployments across any cloud provider. It gives engineering teams complete visibility into services, infrastructure, and applications with zero code changes.
KubeSense combines two powerful instrumentation approaches: eBPF for automatic kernel-level observability and OpenTelemetry for standards-based telemetry collection. eBPF auto-instruments workloads at the kernel level — capturing traces, metrics, logs, and network traffic in real-time without modifying application code, containers, or deployment pipelines. OpenTelemetry provides a vendor-neutral, open-standard framework for collecting and exporting telemetry data from your applications.
The entire platform is 100% self-hosted — it deploys entirely within your own environment. No data ever leaves your infrastructure. Deploy a lightweight sensor, and within minutes you get APM, distributed tracing, log management, infrastructure monitoring, real user monitoring, and AI-powered root cause analysis — all from a single platform, running in your cloud.
Why KubeSense?
Modern infrastructure is complex. Teams run workloads across Kubernetes clusters, serverless functions, container services, and virtual machines — often spanning multiple cloud providers and on-prem environments. Traditional monitoring tools either lack depth, require invasive instrumentation, or force you to stream sensitive telemetry data to third-party clouds with ever-increasing, volume-based pricing.
KubeSense was built to solve this:
- Zero instrumentation — eBPF captures everything at the kernel level. No sidecars, no code changes, no SDK integrations required. Deploy once and observe everything.
- OpenTelemetry native — KubeSense is built on OpenTelemetry from the ground up. It natively ingests OTel traces, metrics, and logs — so teams already using OpenTelemetry SDKs get instant compatibility with zero migration effort.
- 100% self-hosted — The entire platform runs in your environment. Your cloud, your data center, your rules. No telemetry data is ever sent to third-party servers.
- Any infrastructure — Kubernetes, ECS, Lambda, Docker, VMs, bare metal, OpenShift, and on-prem. One platform that works everywhere your workloads run.
- Any cloud — AWS, GCP, Azure, or hybrid. KubeSense integrates natively with cloud-specific services and log sources.
- Protocol-level visibility — Auto-detects 25+ protocols including HTTP, gRPC, PostgreSQL, MySQL, Redis, MongoDB, Kafka, RabbitMQ, Cassandra, Elasticsearch, DNS, and more — without configuration.
- Language agnostic — Because eBPF operates at the kernel level, it works with every language — Java, Python, Go, Node.js, .NET, Rust, C++, Ruby, PHP, Elixir, and anything else running on Linux.
- AI-powered intelligence — Built-in root cause analysis, anomaly detection, and a conversational SRE assistant that helps you debug faster.
eBPF-Powered Observability
KubeSense uses eBPF (extended Berkeley Packet Filter) to observe your infrastructure at the deepest level possible — the Linux kernel itself.
Traditional APM tools require you to add SDKs, sidecars, or agents into every service. eBPF eliminates all of that. It attaches lightweight programs directly to kernel-level hooks — system calls, network events, and function calls — to capture telemetry data with near-zero overhead and without any changes to your application code.
This means KubeSense can:
- Auto-discover every service — No manual configuration. Every service communicating over the network is detected automatically.
- Capture every request — 25+ protocols including HTTP, gRPC, database queries (MySQL, PostgreSQL, MongoDB, Redis, Cassandra, Elasticsearch), message queues (Kafka, RabbitMQ, NATS), and more — all captured at the kernel level.
- Work with any language — eBPF doesn't care what language your service is written in. Java, Python, Go, Node.js, .NET, Rust, C++, Ruby, PHP, Elixir, Kotlin, Scala — all observed equally.
- Add near-zero overhead — eBPF programs execute in the kernel with minimal CPU and memory impact, so your production workloads are unaffected.
OpenTelemetry Native
KubeSense is OpenTelemetry native — built from the ground up to support the open standard for observability.
OpenTelemetry (OTel) is the industry-standard, vendor-neutral framework for generating, collecting, and exporting telemetry data (traces, metrics, and logs). KubeSense fully supports the OpenTelemetry protocol (OTLP), making it a drop-in backend for any environment already instrumented with OTel SDKs or collectors.
What this means for your team:
- No vendor lock-in — Your instrumentation follows the open standard. If you ever switch backends, your OTel instrumentation stays.
- Ingest OTel traces, metrics, and logs — KubeSense accepts OTLP data natively via gRPC and HTTP, with no adapters or converters needed.
- Enrich eBPF with application context — Combine automatic eBPF-captured telemetry with application-level OTel traces to get both infrastructure-level and code-level visibility in a single view.
- Use existing OTel SDKs and Collectors — Already running the OTel Collector or have SDKs in your services? Point them at KubeSense and start seeing data immediately.
- Standards-based, future-proof — As OpenTelemetry evolves, KubeSense evolves with it. No proprietary agents, no custom formats.
Self-Hosted & Secure by Design
Unlike SaaS observability platforms that require you to stream telemetry data to external clouds, KubeSense is 100% self-hosted. The entire platform — data collection, processing, storage, and the UI — deploys entirely within your own environment.
Your data never leaves your infrastructure
KubeSense runs wherever you run: your AWS account, your GCP project, your Azure subscription, your on-prem data center, or any combination. All observability data — traces, metrics, logs, and events — is collected, processed, stored, and queried within the boundaries of your own infrastructure.
This architecture provides:
- Complete data sovereignty — Your telemetry data stays in your environment, under your control. Meet compliance requirements for GDPR, HIPAA, SOC 2, PCI-DSS, and data residency regulations without workarounds.
- Zero data egress costs — No data is shipped to third-party clouds, which means no surprise egress charges. For high-throughput environments generating terabytes of telemetry, this alone saves thousands per month.
- No volume-based pricing surprises — Traditional SaaS observability tools charge based on data volume — the more you monitor, the more you pay. With KubeSense, monitor everything without worrying about runaway costs.
- Full data retention control — Decide how long to keep your data based on your own needs, not a vendor's pricing tier. Keep 30 days, 90 days, or a year — it's your storage, your choice.
- Security and privacy by default — Sensitive request payloads, database queries, and user data never transit external networks. Your security perimeter stays intact.
Predictable, infrastructure-based pricing
Because KubeSense runs in your environment, pricing is based on the infrastructure you monitor — not the volume of data you generate. This means teams can enable full observability across development, staging, and production environments without worrying about cost escalation.
Key Capabilities
| Capability | What it does |
|---|---|
| APM & Services | Monitor every service with success rates, RPS, latency (P95/P99), and error trends — auto-discovered, no configuration needed |
| Distributed Tracing | Trace requests end-to-end across services with protocol-level detail across HTTP, gRPC, Kafka, Redis, MySQL, and more |
| Service Map | Visualize service dependencies, connection health, and traffic flow in real-time |
| Infrastructure | Monitor nodes, pods, deployments, and 11+ Kubernetes resource types — plus VMs, containers, and serverless functions |
| Log Management | Search, filter, and transform logs with a built-in Log Explorer and Log Pipelines for processing at ingest |
| Dashboards | Build custom dashboards with a flexible query builder across metrics, logs, and traces |
| Real User Monitoring | Capture real user experience from mobile and web apps — crash rates, session replay, performance metrics |
| Alerts | Configure threshold-based and anomaly alerts with Slack, PagerDuty, Email, and webhook integrations |
| AI & Intelligence | AI-powered root cause analysis, error analytics, anomaly detection, and AgentSRE — a conversational assistant for your infrastructure |
| Database Monitoring | Track MySQL, Redis, MongoDB, and PostgreSQL query performance without installing database agents |
Supported Infrastructure
KubeSense works across your entire stack, regardless of where your workloads run:
| Environment | Details |
|---|---|
| Kubernetes | Any distribution — EKS, GKE, AKS, self-managed, k3s, kind |
| OpenShift | Red Hat OpenShift with full eBPF support |
| Amazon ECS | Both Fargate (serverless) and EC2 launch types |
| AWS Lambda | Serverless function monitoring via CloudWatch integration |
| Docker | Standalone Docker and Docker Compose deployments |
| Virtual Machines | EC2, GCE, Azure VMs, and on-prem bare metal servers |
| On-Premises | Private data centers with self-hosted KubeSense server |
How It Works
KubeSense deploys two lightweight components into your environment:
- KubeSensor — An eBPF-based agent that runs on each node. It attaches to kernel-level networking hooks to capture every request between services, without touching your application code or containers.
- LogSensor — A log collection agent that reads logs from nodes, containers, and applications, forwarding them for processing, transformation, and indexing.
Because instrumentation happens at the kernel level, KubeSense captures traffic across all protocols and all languages automatically — no per-service configuration needed.
For applications already instrumented with OpenTelemetry, KubeSense natively ingests OTel traces, metrics, and logs alongside eBPF-captured data — giving you a unified view that combines kernel-level and application-level visibility.
Quick Start
1. Install the CLI
curl -fsSL https://install.kubesense.ai | bash2. Deploy to your environment
kubesense installOr deploy using Helm, AWS Marketplace, or Docker Standalone.
3. Open the dashboard
Navigate to your KubeSense UI. Services, traces, and infrastructure data start appearing within minutes — no additional setup required.
For detailed installation options, see the Installation Guide.
Supported Protocols
KubeSense uses eBPF to auto-detect and monitor traffic across 25+ protocols at the kernel level — no configuration, no sidecars, no code changes. Because instrumentation happens in the kernel, any protocol flowing over the network is captured automatically.
Web & API
| Protocol | Use case |
|---|---|
| HTTP/1.0 / HTTP/1.1 | REST APIs, web traffic, microservices |
| HTTP/2 | Multiplexed streams, server push, modern APIs |
| gRPC | High-performance service-to-service communication |
| ConnectRPC | Browser and gRPC-compatible RPC framework |
| GraphQL | Query-based API monitoring (over HTTP) |
| WebSocket | Real-time bidirectional communication |
Databases
| Protocol | Use case |
|---|---|
| MySQL / MariaDB | Query monitoring, slow query detection, connection tracking |
| PostgreSQL | Query performance, transaction analysis, prepared statements |
| MongoDB | Document operations, aggregation pipelines, query analysis |
| Redis | Cache operations, pub/sub, streams, and data store commands |
| Cassandra (CQL) | Wide-column database operations and query performance |
| Memcached | Cache hit/miss rates, key operations, connection tracking |
| Elasticsearch | Search and indexing operations, cluster query performance |
Messaging & Streaming
| Protocol | Use case |
|---|---|
| Kafka | Message queues, streaming, consumer lag, event-driven architectures |
| RabbitMQ (AMQP) | Message broker operations, queue depth, exchange routing |
| NATS | Lightweight pub/sub messaging and request-reply patterns |
| MQTT | IoT device messaging, telemetry, and command channels |
Network & Infrastructure
| Protocol | Use case |
|---|---|
| DNS | Name resolution tracking, DNS error detection, latency |
| TCP | Connection tracking, retransmits, flow analysis |
| UDP | Stateless protocol monitoring and packet analysis |
| TLS/SSL | Encrypted traffic correlation, handshake latency, certificate tracking |
Additional Protocols
| Protocol | Use case |
|---|---|
| SMTP | Email delivery monitoring and mail server health |
| LDAP | Directory service authentication and query monitoring |
Because eBPF operates at the kernel's network stack, KubeSense can observe any protocol traversing the network — including custom or proprietary protocols — at the TCP/UDP level. The protocols listed above have deep, application-layer parsing built in.
Supported Languages
eBPF Auto-Instrumentation — Any Language
eBPF operates at the kernel level, not the application level. There is nothing to install per service. Any language that runs on Linux is automatically instrumented — traces, metrics, and network traffic are captured regardless of the application runtime.
This includes but is not limited to: Java, Python, Go, Node.js, .NET, Rust, C, C++, Ruby, PHP, Elixir, Scala, Kotlin, Swift, Zig, and any language that compiles to native code or runs on a standard runtime (JVM, CLR, V8, BEAM, etc.).
OpenTelemetry SDK Support — Enrich with Application Context
For teams that want application-level detail beyond what eBPF captures (custom spans, business-logic attributes, baggage propagation), KubeSense natively ingests data from all OpenTelemetry SDKs. Point your OTel SDK or Collector at KubeSense and it works immediately.
| Language | OTel SDK Status | Notes |
|---|---|---|
| Java | Stable | Auto-instrumentation agent available, covers Spring, Quarkus, Micronaut, and 100+ libraries |
| Python | Stable | Auto-instrumentation for Django, Flask, FastAPI, SQLAlchemy, and more |
| JavaScript / Node.js | Stable | Auto-instrumentation for Express, NestJS, Next.js, and more |
| Go | Stable | Manual instrumentation with rich library support for net/http, gRPC, and database drivers |
| .NET / C# | Stable | Auto-instrumentation for ASP.NET Core, Entity Framework, HttpClient, and more |
| Ruby | Stable | Instrumentation for Rails, Sinatra, Rack, and database adapters |
| PHP | Stable | Instrumentation for Laravel, Symfony, WordPress, and common frameworks |
| C++ | Stable | Manual instrumentation with full OTLP export support |
| Rust | Community | tracing-opentelemetry crate with OTLP export |
| Swift | Community | OpenTelemetry Swift SDK for iOS and server-side Swift |
| Erlang / Elixir | Community | OTel Erlang SDK for BEAM applications, Phoenix, and Ecto |
| Kotlin | Via Java | Runs on JVM — fully supported via the Java auto-instrumentation agent |
| Scala | Via Java | Runs on JVM — fully supported via the Java auto-instrumentation agent |
Since KubeSense accepts standard OTLP over gRPC and HTTP, any language or framework with an OpenTelemetry SDK or exporter is compatible — even those not listed above.