The original post: /r/netsec by /u/Pale_Fly_2673 on 2024-09-02 20:58:03.

Traceeshark: integrates Linux runtime security monitoring and system tracing with Wireshark, allowing users to load Tracee captures in JSON format into Wireshark for analysis. It enables the examination of system events alongside network packets, offering rich context about processes and containers. Additionally, Traceeshark allows for real-time event capture from Tracee directly within Wireshark, whether on a local machine, a semi-local setup using Docker on Windows/Mac, or remotely via SSH.