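C-Sentinel: A System Fingerprint Collector for AI Analysis
C-Sentinel is a lightweight system prober written in C and designed for UNIX systems. It captures "system fingerprints" for AI-assisted analysis, identifies non-obvious risks, and integrates auditd, explainable risk scoring, and a live web dashboard with enterprise-grade multi-user authentication.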
Semantic Observability for UNIX Systems - A lightweight C-based system prober with AI-powered analysis
williamofai/c-sentinel
C-Sentinel
Semantic Observability for UNIX Systems
A lightweight, portable system prober written in C that captures "system fingerprints" for AI-assisted analysis of non-obvious risks. Features auditd integration, explainable risk scoring, and a live web dashboard with enterprise-grade multi-user authentication.
Live Demo: sentinel.speytech.com
Screenshots
Security Dashboard

Multi-Host Overview

User Profile & Security Settings

Two-Factor Authentication


Personal API Keys

Admin Features


Secure Login

What's New in v0.6.0
Previous Releases
v0.5.x: Security posture summary, risk trend sparkline, learning indicator, explainable risk factors, email alerts, event history
v0.4.0: Auditd integration, brute force detection, privacy-preserving username hashing, process attribution, risk scoring
v0.3.0: Web Dashboard, SHA256 checksums, systemd service, baseline learning, network probe, watch mode
The Problem
Modern observability tools like Dynatrace, Datadog, and Prometheus are excellent at metric collection and threshold alerting. But they answer a narrow question: "Is this metric outside its expected range?"
They struggle with:
C-Sentinel takes a different approach: capture a comprehensive system fingerprint—including security events—and use LLM reasoning to identify the "ghosts in the machine."
Quick Start
Dashboard Features
The web dashboard provides real-time security monitoring across your infrastructure.
Multi-User Authentication
Enterprise-grade access control with three roles:
Two-Factor Authentication (TOTP)
Secure your account with industry-standard TOTP:
Personal API Keys
Each user can create their own API keys for automation:
Admin Audit Log
Track all user actions for compliance and security:
Session Management
Full visibility into active sessions:
Security Posture Summary
Plain English explanation of your system's security status:
"This system shows no security concerns. Authentication patterns are normal with no failures detected. No privilege escalation activity detected. Overall posture: HEALTHY."
Explainable Risk Scoring
Every risk score includes factors that explain why:
Learning/Calibration Indicator
The system learns what's "normal" for your environment:
Risk Trend Sparkline
A mini chart showing 24-hour risk score history - instantly see if things are getting better or worse.
Email & Slack Alerts
Automatic notifications via email and/or Slack when:
Slack alerts include rich formatting with colour-coded severity, clickable dashboard links, and structured risk factor details.
Auditd Integration
C-Sentinel summarises auditd logs for semantic security analysis.
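As an added illustration of what summarising auditd records can involve (this is not C-Sentinel's own code), the following C example tallies failed USER_AUTH records per account and counts the accounts that reach a threshold. The threshold of 3, the names summarise, acct_stat and REC, and the sample records are assumptions made for this example; it counts over the whole input rather than a time window.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ACCTS 16
#define BRUTE_THRESHOLD 3 /* assumed value, not taken from C-Sentinel */
struct acct_stat { char name[32]; int failures; };

/* Tally res=failed USER_AUTH records; return how many accounts reached the threshold. */
int summarise(const char *const *lines, int nlines, struct acct_stat *st, int *nacct) {
    int flagged = 0;
    *nacct = 0;
    for (int i = 0; i < nlines; i++) {
        char acct[32];
        int j = 0;
        const char *p = strstr(lines[i], " acct=\"");
        if (strncmp(lines[i], "type=USER_AUTH ", 15) != 0) continue; /* other record types */
        if (!strstr(lines[i], " res=failed")) continue;              /* successful logins */
        /* Only quoted account names are handled; hex-encoded ones are skipped. */
        if (!p || sscanf(p, " acct=\"%31[^\"]", acct) != 1) continue;
        while (j < *nacct && strcmp(st[j].name, acct) != 0) j++;
        if (j == *nacct) { /* first failure seen for this account */
            if (*nacct == MAX_ACCTS) continue; /* table full: ignore further accounts */
            strcpy(st[j].name, acct);
            st[(*nacct)++].failures = 0;
        }
        if (++st[j].failures == BRUTE_THRESHOLD) flagged++;
    }
    return flagged;
}

/* Constructed sample records in auditd layout; REC is a helper for this example only. */
#define REC(type, acct, res) "type=" type " msg=audit(1700000000.000:1): pid=900 uid=0 " \
    "msg='op=PAM:authentication acct=\"" acct "\" exe=\"/usr/sbin/sshd\" res=" res "'"
static const char *const SAMPLE[] = {
    REC("USER_AUTH", "root", "failed"), REC("USER_AUTH", "root", "failed"),
    REC("USER_AUTH", "alice", "failed"), REC("USER_AUTH", "root", "success"),
    REC("USER_LOGIN", "root", "failed"), REC("USER_AUTH", "root", "failed"),
};
#define SAMPLE_N 6

int main(void) {
    struct acct_stat st[MAX_ACCTS];
    int n, flagged = summarise(SAMPLE, SAMPLE_N, st, &n);
    for (int i = 0; i < n; i++) printf("%s: %d failed logins\n", st[i].name, st[i].failures);
    printf("accounts at or over threshold: %d\n", flagged);
    return 0;
}
```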
Example Output
JSON Output
Setup Audit Rules
For best results, add audit rules for sensitive files:
Privacy Features
Web Dashboard
C-Sentinel includes a web dashboard for monitoring multiple hosts in real-time.
Features
Quick Setup
Email Alert Configuration
Add to your systemd service or environment:
Slack Webhook Configuration
To get a webhook URL:
See dashboard/README.md for full setup instructions.
Public Demo Mode
Enable read-only public access for showcasing your dashboard:
In demo mode:
Great for LinkedIn posts, blog articles, or letting prospects explore before deploying.
Systemd Service
For production deployment:
All Features
Colour output is auto-detected (TTY) and respects the NO_COLOR standard.
Exit Codes (for CI/CD)
What It Captures
What It Flags
System Issues
Network Issues
Security Issues (with --audit)
Architecture
Why C?
Building
Requirements
Project Structure
Roadmap
Completed ✅
Planned 📋
License
MIT License - see LICENSE for details.
Author
William Murray - 30 years UNIX systems engineering
"The goal isn't to replace monitoring tools—it's to add wisdom to their data."