diff --git a/cmd/tap.go b/cmd/tap.go
index fe0ef9b23..962079235 100644
--- a/cmd/tap.go
+++ b/cmd/tap.go
@@ -48,6 +48,7 @@ func init() {
 tapCmd.Flags().Uint16(configStructs.ProxyFrontPortLabel, defaultTapConfig.Proxy.Front.Port, "Provide a custom port for the proxy/port-forward")
 tapCmd.Flags().String(configStructs.ProxyHostLabel, defaultTapConfig.Proxy.Host, "Provide a custom host for the proxy/port-forward")
 tapCmd.Flags().StringSliceP(configStructs.NamespacesLabel, "n", defaultTapConfig.Namespaces, "Namespaces selector")
+ tapCmd.Flags().StringSliceP(configStructs.ExcludedNamespacesLabel, "e", defaultTapConfig.ExcludedNamespaces, "Excluded namespaces")
 tapCmd.Flags().StringP(configStructs.ReleaseNamespaceLabel, "s", defaultTapConfig.Release.Namespace, "Release namespace of Kubeshark")
 tapCmd.Flags().Bool(configStructs.PersistentStorageLabel, defaultTapConfig.PersistentStorage, "Enable persistent storage (PersistentVolumeClaim)")
 tapCmd.Flags().Bool(configStructs.PersistentStorageStaticLabel, defaultTapConfig.PersistentStorageStatic, "Persistent storage static provision")
diff --git a/cmd/tapRunner.go b/cmd/tapRunner.go
index 2eb21d326..1291cc6bf 100644
--- a/cmd/tapRunner.go
+++ b/cmd/tapRunner.go
@@ -437,6 +437,7 @@ func updateConfig(kubernetesProvider *kubernetes.Provider) {
 _, _ = kubernetes.SetSecret(kubernetesProvider, kubernetes.SECRET_LICENSE, config.Config.License)
 _, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_POD_REGEX, config.Config.Tap.PodRegexStr)
 _, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_NAMESPACES, strings.Join(config.Config.Tap.Namespaces, ","))
+ _, _ = kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_EXCLUDED_NAMESPACES, strings.Join(config.Config.Tap.ExcludedNamespaces, ","))
 data, err := json.Marshal(config.Config.Scripting.Env)
 if err != nil {
diff --git a/config/configStruct.go b/config/configStruct.go
index 97b42fa0a..eec2fa07c 100644
--- a/config/configStruct.go
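Review bot: The help text of the new `-e` flag in init() (cmd/tap.go) says only "Excluded namespaces", which leaves out what an operator relying on it needs to know: this commit makes `kube-system` the default exclusion (CreateDefaultConfig), and a pflag string-slice flag replaces its default on first use rather than appending to it. So `-e monitoring` (constructed example) would put `kube-system` traffic back into the capture unless it is listed again. Suggest a description such as `"Namespaces to exclude from tapping; replaces the default list (kube-system)"`. init() starts and ends outside the hunk.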
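Review bot: The added `SetConfig` call for `CONFIG_EXCLUDED_NAMESPACES` in updateConfig (cmd/tapRunner.go) discards its error like the lines around it, but this key is a restriction rather than a preference. If the write fails, the cluster side presumably keeps whatever exclusion list it had and goes on capturing namespaces the operator asked to leave out, with nothing shown in the CLI. At minimum surface the failure: `if _, err := kubernetes.SetConfig(kubernetesProvider, kubernetes.CONFIG_EXCLUDED_NAMESPACES, strings.Join(config.Config.Tap.ExcludedNamespaces, ",")); err != nil { log.Warn().Err(err).Msg("excluded namespaces were not applied") }`, using whichever logger this file already imports. updateConfig continues outside the hunk.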
+++ b/config/configStruct.go
@@ -16,6 +16,9 @@ const (
 func CreateDefaultConfig() ConfigStruct {
 return ConfigStruct{
 Tap: configStructs.TapConfig{
+ ExcludedNamespaces: []string{
+ "kube-system",
+ },
 NodeSelectorTerms: []v1.NodeSelectorTerm{
 {
 MatchExpressions: []v1.NodeSelectorRequirement{
diff --git a/config/configStructs/tapConfig.go b/config/configStructs/tapConfig.go
index e2748ec4f..32e9c32cd 100644
--- a/config/configStructs/tapConfig.go
+++ b/config/configStructs/tapConfig.go
@@ -17,6 +17,7 @@ const (
 ProxyHubPortLabel = "proxy-hub-port"
 ProxyHostLabel = "proxy-host"
 NamespacesLabel = "namespaces"
+ ExcludedNamespacesLabel = "excludedNamespaces"
 ReleaseNamespaceLabel = "release-namespace"
 PersistentStorageLabel = "persistentStorage"
 PersistentStorageStaticLabel = "persistentStorageStatic"
@@ -164,6 +165,7 @@ type TapConfig struct {
 Proxy ProxyConfig `yaml:"proxy" json:"proxy"`
 PodRegexStr string `yaml:"regex" json:"regex" default:".*"`
 Namespaces []string `yaml:"namespaces" json:"namespaces" default:"[]"`
+ ExcludedNamespaces []string `yaml:"excludedNamespaces" json:"excludedNamespaces" default:"[]"`
 BpfOverride string `yaml:"bpfOverride" json:"bpfOverride" default:""`
 Stopped bool `yaml:"stopped" json:"stopped" default:"false"`
 Release ReleaseConfig `yaml:"release" json:"release"`
diff --git a/helm-chart/templates/12-config-map.yaml b/helm-chart/templates/12-config-map.yaml
index 1467f96f0..f107953d3 100644
--- a/helm-chart/templates/12-config-map.yaml
+++ b/helm-chart/templates/12-config-map.yaml
@@ -9,6 +9,7 @@ metadata:
 data:
 POD_REGEX: '{{ .Values.tap.regex }}'
 NAMESPACES: '{{ gt (len .Values.tap.namespaces) 0 | ternary (join "," .Values.tap.namespaces) "" }}'
+ EXCLUDED_NAMESPACES: '{{ gt (len .Values.tap.excludedNamespaces) 0 | ternary (join "," .Values.tap.excludedNamespaces) "" }}'
 BPF_OVERRIDE: '{{ .Values.tap.bpfOverride }}'
 STOPPED: '{{ .Values.tap.stopped | ternary "true" "false" }}'
 SCRIPTING_SCRIPTS: '{}'
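Review bot: The `default:"[]"` tag on the new `ExcludedNamespaces` field of TapConfig (config/configStructs/tapConfig.go, second hunk) disagrees with the default this commit sets elsewhere, `kube-system` in CreateDefaultConfig and in helm-chart/values.yaml. How the tag is consumed is not visible here; if anything fills a TapConfig or generates documentation from the tags, it would show no exclusions at all. Either align the tag with the real default or add a field comment such as `// effective default (kube-system) is set in CreateDefaultConfig, not by the tag`. The struct starts and ends outside the hunk.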
diff --git a/helm-chart/values.yaml b/helm-chart/values.yaml
index 03268b943..484ea57ef 100644
--- a/helm-chart/values.yaml
+++ b/helm-chart/values.yaml
@@ -18,6 +18,8 @@ tap:
 host: 127.0.0.1
 regex: .*
 namespaces: []
+ excludedNamespaces:
+ - kube-system
 bpfOverride: ""
 stopped: false
 release:
diff --git a/kubernetes/config.go b/kubernetes/config.go
index f8a3ba017..6639e8b1a 100644
--- a/kubernetes/config.go
+++ b/kubernetes/config.go
@@ -15,6 +15,7 @@ const (
 SECRET_LICENSE = "LICENSE"
 CONFIG_POD_REGEX = "POD_REGEX"
 CONFIG_NAMESPACES = "NAMESPACES"
+ CONFIG_EXCLUDED_NAMESPACES = "EXCLUDED_NAMESPACES"
 CONFIG_SCRIPTING_ENV = "SCRIPTING_ENV"
 CONFIG_INGRESS_ENABLED = "INGRESS_ENABLED"
 CONFIG_INGRESS_HOST = "INGRESS_HOST"
diff --git a/kubernetes/provider.go b/kubernetes/provider.go
index 2a44e3c13..a4f66d50c 100644
--- a/kubernetes/provider.go
+++ b/kubernetes/provider.go
@@ -227,12 +227,24 @@ func (provider *Provider) GetKubernetesVersion() (*semver.SemVersion, error) {
 return &serverVersionSemVer, nil
 }
-func (provider *Provider) GetNamespaces() []string {
+func (provider *Provider) GetNamespaces() (namespaces []string) {
 if len(config.Config.Tap.Namespaces) > 0 {
- return utils.Unique(config.Config.Tap.Namespaces)
+ namespaces = utils.Unique(config.Config.Tap.Namespaces)
 } else {
- return []string{K8sAllNamespaces}
+ namespaceList, err := provider.clientSet.CoreV1().Namespaces().List(context.TODO(), metav1.ListOptions{})
+ if err != nil {
+ log.Error().Err(err).Send()
+ return
+ }
+
+ for _, ns := range namespaceList.Items {
+ namespaces = append(namespaces, ns.Name)
+ }
 }
+
+ namespaces = utils.Diff(namespaces, config.Config.Tap.ExcludedNamespaces)
+
+ return
 }
 func getClientSet(config *rest.Config) (*kubernetes.Clientset, error) {
diff --git a/utils/slice.go b/utils/slice.go
index 1ec315382..f19d6928a 100644
--- a/utils/slice.go
+++ b/utils/slice.go
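Review bot: In GetNamespaces (kubernetes/provider.go) the new error branch logs and does a bare `return`, so the caller receives a nil slice that looks the same as "every namespace was excluded". The `[]string` result cannot distinguish a failed `Namespaces().List` (for instance when the kubeconfig identity may not list namespaces cluster-wide) from a legitimately empty selection. The callers are outside this hunk, so it should be confirmed that none of them reads an empty result as "all namespaces", which would silently undo the exclusion. Prefer `func (provider *Provider) GetNamespaces() ([]string, error)` with `return nil, err` on that branch. Also add a doc comment stating that the list is a snapshot taken at call time, so namespaces created later are not covered the way the removed `K8sAllNamespaces` value covered them.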
@@ -37,3 +37,18 @@ func EqualStringSlices(slice1 []string, slice2 []string) bool {
 return true
 }
+
+// Diff returns the elements in `a` that aren't in `b`.
+func Diff(a, b []string) []string {
+ mb := make(map[string]struct{}, len(b))
+ for _, x := range b {
+ mb[x] = struct{}{}
+ }
+ var diff []string
+ for _, x := range a {
+ if _, found := mb[x]; !found {
+ diff = append(diff, x)
+ }
+ }
+ return diff
+}
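Review bot: `Diff` matches entries byte for byte, so an exclusion entry with stray whitespace or a typo never matches and that namespace stays in the tap set with no signal to the operator; the second item of `-e "kube-system, monitoring"` (constructed example) would likely arrive with its leading space. Because this helper now backs an exclusion control, either normalise the entries where `ExcludedNamespaces` is read or have GetNamespaces log excluded names that matched nothing. The doc comment could also state the contract callers get: `// Diff returns the elements of a that are not in b, keeping a's order and duplicates; it returns nil when nothing remains.`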