An enterprise-grade monitoring and alerting platform for security operations centers, intelligence analysts, and threat researchers operating in hostile information environments.
Comprehensive tooling for intelligence gathering, analysis, and response coordination.
Real-time command center with statistics tiles, criticality distribution charts, 7-day trend analysis, and a live recent alerts feed with 30-second refresh.
Aggregate intelligence from API endpoints, RSS feeds, website scraping, and dark web .onion sources via a Tor proxy. 20 default feeds with full CRUD.
Simple text or regex pattern matching with case sensitivity controls. Four criticality levels with automatic alert generation on match.
Advanced alert viewer with bulk operations, 6 filter types, read/unread tracking, content detail dialog with raw JSON viewer, and keyword highlighting.
Many-to-many tag relationships across feeds, keywords, and alerts. Custom color picker with 16 presets, usage counts, and detailed association views.
JSONPath-based field extraction from JSON API endpoints. Support for pagination, nested responses, API key authentication, and a built-in testing interface.
Configure email (SMTP), generic webhooks, and Discord webhooks. Per-channel criticality filtering, test notifications, and enable/disable controls.
Comprehensive health dashboard with consecutive failure tracking, error message display, CSV export, and 4-state status indicators.
Alert cleanup with retention preview, safety confirmation, system information display, general configuration with fetch intervals, timezone, and auto-cleanup.