We had the need recently to capture DNS calls to try to get an idea why sometimes DNS resolving fails on Kube.
Except that Spider had a regression on UDP capture, and it was not any more possible to save UDP packets on the back office.

I fixed this and added a few quick features for DNS parsing.

Here comes a new release of Spider Controller with a bunch of improvements:

• Lists Gociphers & Sidecar Whisperers
• Allows getting logs from Controller, Attachments, Sidecars & Gociphers
• Provides Sidecar Whisperers to Gociphers to allow TLS deciphering on their captured data
• When an Ephemeral Whisperer fails twice in 5 minutes, the Controller stops restarting it to avoid overloading the POD manifest

November release comes with enhancements on TLS Deciphering, such as TLS 1.2 deciphering, various and bug fixes.

First release of TLS deciphering was 1 month ago, and many improvements have been done after these few weeks of run.

• Observability of discovery phase has been enhanced and fixed to help understanding what is captured
• TLS 1.2 deciphering has been added
• Many UI and deciphering fixes

October release comes with 1 major feature and various bug fixes:

• Spider now captures TLS secrets live and deciphers TLS encrypted communications: HTTPS, MQTTS, secured DB connections...

I am thrilled to announce a major milestone for Spider: TLS encrypted communication deciphering is now available! 🚀

This release represents a significant leap forward in achieving comprehensive observability for all your communications.

I dreamed of making this possible, and here it is—after a lot of intricate engineering, it's finally a reality! 😀

All 43 microservices and UIs have been upgraded to Node 20 and Alpine 3.20, with latest security fixes. 💪

Since the introduction of new Whisperers agents in Go, these Gossipers have proven reliable, extremely stable and no known bugs is left pending.
They even offer a simpler setup with standalone executables.

Nodes.js Whisperers are thereby officially deprecated, and TLS deciphering has only been implemented in Gossipers.

For years, Spider has been able to parse a second time TCP sessions

• For which Packets, TCP sessions and Parsing log was saved in Elasticsearch
• For which some Packets have been missing when parsing

I've decided to remove this feature as:

• Most often Packets and Tcp sessions are not saved anymore
• Streaming parsing quality is now excellent
• It was one useless service flying around in the cluster

This parsing step has then been removed from the deployed cluster, the configuration and documentation!