diff --git a/internal/app/app.go b/internal/app/app.go
index f9809af..b937eed 100644
--- a/internal/app/app.go
+++ b/internal/app/app.go
@@ -101,11 +101,15 @@ func Run(
 	go bpf.ConsumeEvents(ctx, log, bpfCtx.NetworkRingBuffer, networkEventChan)
 
 	var shaResolver *workload.ShaResolver
+	var deletedPodChan chan string
 	if kubernetesMode {
-		shaResolver, err = workload.NewShaResolver()
+		deletedPodChan = make(chan string)
+		shaResolver, err = workload.NewShaResolver(log, deletedPodChan)
 		if err != nil {
 			return fmt.Errorf("failed to create sha resolver: %w", err)
 		}
+
+		go deletePods(ctx, log, deletedPodChan)
 	}
 
 	bannedCgroupIDs := lru.New[uint64, struct{}](cacheBannedSz)
diff --git a/internal/app/delete_pods.go b/internal/app/delete_pods.go
new file mode 100644
index 0000000..290bddc
--- /dev/null
+++ b/internal/app/delete_pods.go
@@ -0,0 +1,26 @@
+package app
+
+import (
+	"context"
+	"log/slog"
+
+	"github.com/nullswan/bpfsnitch/internal/metrics"
+)
+
+func deletePods(
+	ctx context.Context,
+	logger *slog.Logger,
+	deletedPodsChan chan string,
+) {
+	for {
+		select {
+		case <-ctx.Done():
+			return
+		case podID := <-deletedPodsChan:
+			for _, counter := range metrics.PodBasedMetrics {
+				logger.With("pod", podID).Info("Deleted pod-based metrics")
+				counter.DeleteLabelValues(podID)
+			}
+		}
+	}
+}
diff --git a/internal/metrics/counters.go b/internal/metrics/counters.go
index ff8d1d2..bdd9da5 100644
--- a/internal/metrics/counters.go
+++ b/internal/metrics/counters.go
@@ -49,3 +49,12 @@ var NetworkReceivedPacketsCounter = prometheus.NewCounterVec(
 	},
 	[]string{"pod", "remote_subnet"},
 )
+
+var PodBasedMetrics = []*prometheus.CounterVec{
+	DNSQueryCounter,
+	SyscallCounter,
+	NetworkReceivedBytesCounter,
+	NetworkSentBytesCounter,
+	NetworkSentPacketsCounter,
+	NetworkReceivedPacketsCounter,
+}