Elephantshark: like Wireshark, but specifically for Postgres
a day ago
- #Postgres
- #Network Monitoring
- #Security
- Elephantshark monitors and troubleshoots Postgres network traffic between clients and servers.
- It decrypts and re-encrypts Postgres connections, enabling logging of messages or use of Wireshark via SSLKEYLOGFILE.
- Secure Postgres connections require specific SSL parameters to prevent MITM attacks.
- Elephantshark can be installed via Homebrew on macOS or run with Ruby 3.3+ on any platform.
- Usage involves modifying connection parameters, such as hostname suffixes and SSL settings.
- Elephantshark supports various options for logging, SSL negotiation, and port configurations.
- It can generate self-signed TLS certificates or use provided certificates for secure connections.
- The tool includes features like redacting passwords, forcing monochrome output, and chunking data.
- Elephantshark is useful for debugging but highlights security vulnerabilities if used over public networks.
- The project is open-source under the Apache-2.0 license.