Features
What Jallarhorn ships today. Every item below is on main and passes the full test suite, unless marked roadmap. Claims line up with the internal gap analysis — no vaporware on this page.
Monitoring protocols
Native plugins. Concurrent execution, 30-second refresh, counter-wrap handling.
SNMP v1 / v2c / v3
OID templates for common MIBs (if-MIB, host-resources, Cisco, Dell OpenManage, HPE iLO, Synology, QNAP, Nutanix). Custom-OID sensors for the long tail. Counter-wrap and 64-bit counters handled.
ICMP ping
Packet loss, latency, jitter on one sensor. Based on pro-bing with concurrent sweeps capped at 50 goroutines for discovery.
HTTP / HTTPS
Status, body content match, response time, certificate days-remaining. Basic / bearer / HMAC auth. Redirect control, timeout, and custom headers.
SSH
CPU load, memory, disk, uptime, and arbitrary script execution. Key or password auth. Works against Linux, BSD, macOS, and ESXi shells.
WinRM
CPU, memory, disk, Windows services, processes, WQL queries, and arbitrary PowerShell. NTLM and Kerberos authentication.
DNS
A / AAAA / MX / TXT / CNAME lookup, response time, and value-match assertions against expected records.
TCP
Port-open check with latency on any TCP port. Useful for DHCP, RDP, SNTP, and custom application ports.
SSL certificate
Days-until-expiry, issuer, chain validation. Runs on any SNI-speaking HTTPS endpoint.
Database probes · Cache probes
Ping or custom query on relational databases. Redis INFO parsing with key-count, memory, and connected-clients channels.
Custom sensors
Four plugins close roughly 70% of a typical per-sensor catalog without bespoke code.
Exec script New
Run any local executable. JSON on stdout maps to up to 50 channels. Timeout-enforced. Credentials passed via environment variables so they do not show up in process listings.
HTTP-JSON + JSONPath New
Poll any URL, parse JSON with JSONPath expressions, map N values to channels. Basic / bearer / HMAC auth. Response-time implicit channel.
Webhook push New
Receive POST /api/v2/push/:sensor_key from anywhere — CI pipelines, crons, third-party webhooks. HMAC signature verification.
Prometheus scrape New
Scrape any /metrics endpoint. Map selected series and labels to channels. Ideal for exporters that already exist in your fleet.
Alerting
30-second evaluation loop. State transitions are first-class.
Threshold rules
Warn and error thresholds per channel. Static values or percent-of-capacity expressions. Rule changes propagate within 30 seconds.
Dependency suppression
Parent-down suppresses child alerts, so a failed upstream switch does not page the entire rack behind it.
Maintenance windows
Scheduled quiet periods at device, group, or tenant scope. Recurring windows for patch cycles.
Ack / resolve
Operators acknowledge to silence without clearing state. Resolve transitions the alert cleanly. All actions logged to the audit trail.
Auto-resolve
When the underlying sensor returns to healthy for N intervals, the alert closes itself. No stale-alert fatigue.
Duplicate suppression
Repeated identical alerts within a window collapse into one. Hash-based matching on device + sensor + state.
Notifications
Route any alert to any channel, per rule, per device group.
Slack
Incoming-webhook with formatted attachments. Per-channel routing by severity.
Microsoft Teams
Adaptive-card payload so alerts render cleanly, not as raw JSON.
PagerDuty
Events API v2. Trigger, acknowledge, and resolve events tied to Jallarhorn state.
Discord
Webhook-based embed with severity-colored borders. Useful for homelabs and small teams.
Opsgenie
Webhook integration with priority mapping from Jallarhorn severity.
SMTP delivery with HTML + plaintext bodies. Works with any provider you bring.
Webhook
Outbound POST with full alert JSON. Pipe into whatever your team already runs.
Web Push New
VAPID-signed push notifications to the Jallarhorn PWA on desktop and mobile.
Reporting
Numbers your boss's boss will accept, generated by the tool that measured them.
SLA PDF reports
Uptime percentage per device or group, with the underlying downtime intervals. Generated in-box — not a separately licensed add-on.
Top-N
Busiest interfaces, most-alerted devices, slowest responses. PDF render over any time range.
CSV · HTML export
Raw metric export for ad-hoc analysis. HTML render for wiki embedding.
Scheduled delivery Q3 2026
Cron-style PDF delivery to email. Built on the existing report engine and email dispatcher.
Discovery
Find what is on the network, fingerprint it, and adopt with one click.
IP range scan
CIDR-based ICMP sweep capped at 50 concurrent probes to stay friendly. Reverse-DNS resolution for friendly names.
SNMP walk
SNMPv2c walk of sysDescr / sysName / sysOID. 25+ OID-prefix fingerprints identify common vendors (Cisco, Juniper, Dell, HPE, Synology).
Service detection
TCP probes on seven common ports (22, 80, 443, 445, 3389, 5432, 6379) to classify host role before you adopt.
Auto-adopt
POST /api/v2/discovery/adopt promotes a discovered host into a monitored device with a suggested sensor set.
Extensibility
Custom-script framework
Exec, HTTP-JSON, webhook-push, Prometheus scrape. Four plugins you configure through the UI. The same plugins are reachable via REST.
REST API
Modern /api/v2/* endpoints for device, sensor, alert, metric, and report. JSON in, JSON out. OpenAPI spec Q3 2026.
SDKs: Python, Node
Thin wrappers over the REST API. Authentication via SHA-256 hashed API keys stored only as hashes server-side.
Enterprise
SSO, RBAC, and audit logs in the $79/mo Business tier — not an enterprise-quote add-on.
SSO: LDAP, SAML, OIDC
SAML attribute mapping tested against Entra, Okta, and Google Workspace. OIDC for any compliant provider. LDAP with group-to-role mapping.
RBAC
Admin / operator / viewer roles at launch, per-device-group ACL on the roadmap. Role changes take effect on next token refresh.
Audit log
Auth events, config changes, and admin actions written to an append-only log. Checksum-chained audit log Q3 2026.
Federation
jallarhorn-farm aggregates multiple control instances. Partial-results tolerance on the X-Partial-Results header. Write-proxy routes to the correct control.
Invite-only registration
No open signup on an enterprise install. Admins invite by email with scoped role and expiring invite tokens.
httpOnly JWT cookies
Session cookies are httpOnly, Secure, SameSite=Lax. API keys use SHA-256 hashing with timing-safe comparison. No plaintext secrets at rest.
Mobile
A Progressive Web App, not a native shell around a web view.
PWA
Installable on iOS 16.4+ and Android. Manifest, service worker, mobile-responsive layout from 375px up.
Web Push New
VAPID-signed push delivered to installed PWAs. Works on desktop and mobile without an app-store roundtrip.
/monitor view
A phone-optimized status view for on-call engineers. Big tap targets, current alerts, quick ack.
Roadmap
Dates are targets, not commitments. Everything below is explicitly not on the site as shipping today.
Flow collection Q3 2026
Native NetFlow v5/v9, sFlow, and IPFIX collector. Until this ships, we do not list flow support as available.
White-label portal Q3 2026
Per-tenant branding, custom domain, and read-only customer portal for MSP use.
Native iOS and Android apps Q4 2026
Until native apps ship, Jallarhorn on mobile is the PWA. We will not claim "native apps available" before they are in the stores.
Try it on a real network.
Free tier, 10 devices, every protocol. Same binary as the paid tiers.