Stratoshark
What's really happening in your cloud?
Stratoshark lets you explore and analyze applications at the system call
level using a mature, proven interface based on Wireshark. Created for
the community by Sysdig.
News
Stratoshark: Extending Wireshark's legacy into the cloud
Blog post by Gerald Combs and Loris Degioanni
Those Aren't Packets: How Stratoshark Brings the Power of Wireshark
to the Cloud
Blog post by Gerald Combs
Getting Started With Stratoshark
Blog post by Josh Clark
The latest release of Stratoshark is 0.9.3. You can get it at the following
locations:
Windows x64 installer
Windows Arm64 installer
macOS Universal disk image
Source code
Read all release notes
Learn
Stratoshark lets you explore and investigate the application-level behavior
of your systems. You can capture system call and log activity and use a
variety of advanced features to troubleshoot and analyze that activity. If
you've ever used Wireshark, Stratoshark will look very familiar! It's a
sibling application that shares the same dissection and filtering engine and
much of the same user interface. It supports the same file format as Falco
and Sysdig CLI, which lets you pivot seamlessly between the tools. As an
added bonus, it's open source, just like Wireshark and Falco.
Quick start guide
Stratoshark wiki page
Getting Started With Stratoshark, blog post by Josh Clark
Stratoshark remote capture tutorial, blog post by Philippe Bogaerts
Videos
Stratoshark demo from Sysdig
Stratoshark Explained: Wireshark for System Calls, Containers & Cloud
by Sysdig
Open Source Summit 2025: Bring the Power of Wireshark To Syscalls and
Logs With Stratoshark by Gerald Combs
Stratoshark Tutorial: Getting Started with Gerald Combs by Chris Greer
Stratoshark demo by Ross Bagurdes
Get Help
Wireshark Q&A community
The #stratoshark channel on the
Wireshark Discord server