Jallarhorn
Features

Features

What Jallarhorn ships today. Every item below is on main and passes the full test suite, unless marked roadmap. Claims line up with the internal gap analysis — no vaporware on this page.

Monitoring protocols

Native plugins. Concurrent execution, 30-second refresh, counter-wrap handling.

SNMP v1 / v2c / v3

OID templates for common MIBs (if-MIB, host-resources, Cisco, Dell OpenManage, HPE iLO, Synology, QNAP, Nutanix). Custom-OID sensors for the long tail. Counter-wrap and 64-bit counters handled.

ICMP ping

Packet loss, latency, jitter on one sensor. Based on pro-bing with concurrent sweeps capped at 50 goroutines for discovery.

HTTP / HTTPS

Status, body content match, response time, certificate days-remaining. Basic / bearer / HMAC auth. Redirect control, timeout, and custom headers.

SSH

CPU load, memory, disk, uptime, and arbitrary script execution. Key or password auth. Works against Linux, BSD, macOS, and ESXi shells.

WinRM

CPU, memory, disk, Windows services, processes, event-log error counts, performance counters, uptime, WQL queries, and arbitrary PowerShell. NTLM authentication (Kerberos on the roadmap).

DNS

A / AAAA / MX / TXT / CNAME lookup, response time, and value-match assertions against expected records.

TCP

Port-open check with latency on any TCP port. Useful for DHCP, RDP, SNTP, and custom application ports.

SSL certificate

Days-until-expiry, issuer, chain validation. Runs on any SNI-speaking HTTPS endpoint.

Database probes · Cache probes

Ping or custom query on relational databases. Redis INFO parsing with key-count, memory, and connected-clients channels.

Custom sensors

Five plugins close roughly 70% of a typical per-sensor catalog without bespoke code.

Exec script New

Run any local executable. JSON on stdout maps to up to 50 channels. Timeout-enforced. Credentials passed via environment variables so they do not show up in process listings.

HTTP-JSON + JSONPath New

Poll any URL, parse JSON with JSONPath expressions, map N values to channels. Basic / bearer / HMAC auth. Response-time implicit channel.

Webhook push New

Receive POST /api/v2/push/:sensor_key from anywhere — CI pipelines, crons, third-party webhooks. HMAC signature verification.

Prometheus scrape New

Scrape any /metrics endpoint. Map selected series and labels to channels. Ideal for exporters that already exist in your fleet.

Docker New

Watch container health, restart counts, and resource usage straight from the Docker Engine API. Running containers map to channels automatically — no exporter or sidecar required.

Alerting

30-second evaluation loop. State transitions are first-class.

Threshold rules

Warn and error thresholds per channel. Static values or percent-of-capacity expressions. Rule changes propagate within 30 seconds.

Dependency suppression

Parent-down suppresses child alerts, so a failed upstream switch does not page the entire rack behind it.

Maintenance windows

Scheduled quiet periods at device, group, or tenant scope. Recurring windows for patch cycles.

Ack / resolve

Operators acknowledge to silence without clearing state. Resolve transitions the alert cleanly. All actions logged to the audit trail.

Auto-resolve

When the underlying sensor returns to healthy for N intervals, the alert closes itself. No stale-alert fatigue.

Duplicate suppression

Repeated identical alerts within a window collapse into one. Hash-based matching on device + sensor + state.

Escalation chains New

Ordered steps that fire after N minutes if an alert stays unacknowledged, then page the next tier. Attached per site and inherited down the tree; halts on ack or resolve; escalations break through quiet hours.

Notifications

Route any alert to any channel, per rule, per device group.

Slack

Incoming-webhook with formatted attachments. Per-channel routing by severity.

Microsoft Teams

Adaptive-card payload so alerts render cleanly, not as raw JSON.

PagerDuty

Events API v2. Trigger, acknowledge, and resolve events tied to Jallarhorn state.

Discord

Webhook-based embed with severity-colored borders. Useful for homelabs and small teams.

Opsgenie

Webhook integration with priority mapping from Jallarhorn severity.

Email

SMTP delivery with HTML + plaintext bodies. Works with any provider you bring.

Webhook

Outbound POST with full alert JSON. Pipe into whatever your team already runs.

Web Push New

VAPID-signed push notifications to the Jallarhorn PWA on desktop and mobile. Per-person, with each user's own severity floor and quiet hours.

Organize & visualize

Group by client site, see it on a map, and prove uptime — the way an MSP actually thinks.

Device groups & site tree New

A tree of groups — one per client site — is the primary navigation. Each node rolls up to the worst status beneath it, and routing, escalation, and reports all segment by group.

Topology & geo maps New

A topology graph of devices and subnet links, plus a self-hosted geographic map with a status-coloured pin per site from its coordinates. No third-party geocoding.

Uptime & status history New

Per-device uptime for the last 24 hours and 30 days, plus a status-history timeline — computed honestly from the presence of metric samples, the same model the SLA reports use.

Notification routing New

Scope a channel to specific sites and a minimum severity, so Client A's alerts reach only Client A's queue. Unscoped channels keep receiving everything.

Notification log New

Every send — delivered, failed, or suppressed — is visible with its reason, so a bad SMTP password can't fail silently. A bell badges unseen failures.

Dashboard widgets

Pick and arrange widgets: status summary, live alert feed, sensor charts, per-site health tiles, gauges, and Top-N rankings.

Reporting

Numbers your boss's boss will accept, generated by the tool that measured them.

SLA PDF reports

Uptime percentage per device or group, with the underlying downtime intervals. Generated in-box — not a separately licensed add-on.

Top-N

Rank sensors by worst downtime, slowest average latency, or most alerts over any time range. Exports as PDF, CSV, or HTML.

CSV · HTML export

Every SLA and Top-N report exports as CSV for spreadsheets or a standalone HTML file for wiki embedding, alongside the PDF.

Scheduled delivery Q3 2026

Cron-style PDF delivery to email. Built on the existing report engine and email dispatcher.

Discovery

Find what is on the network, fingerprint it, and adopt with one click.

IP range scan

CIDR-based ICMP sweep capped at 50 concurrent probes to stay friendly. Reverse-DNS resolution for friendly names.

SNMP walk

SNMPv2c walk of sysDescr / sysName / sysOID. 25+ OID-prefix fingerprints identify common vendors (Cisco, Juniper, Dell, HPE, Synology).

Service detection

TCP probes on seven common ports (22, 80, 443, 445, 3389, 5432, 6379) to classify host role before you adopt.

Auto-adopt

POST /api/v2/discovery/adopt promotes a discovered host into a monitored device with a suggested sensor set.

Extensibility

Custom-script framework

Exec, HTTP-JSON, webhook-push, Prometheus scrape. Four plugins you configure through the UI. The same plugins are reachable via REST.

REST API

Modern /api/v2/* endpoints for device, sensor, alert, metric, and report. JSON in, JSON out. OpenAPI spec Q3 2026.

SDKs: Python, Node

Thin wrappers over the REST API. Authentication via SHA-256 hashed API keys stored only as hashes server-side.

Enterprise

SSO, RBAC, and audit logs included on every plan — not an enterprise-quote add-on.

SSO: LDAP, SAML, OIDC

SAML attribute mapping tested against Entra, Okta, and Google Workspace. OIDC for any compliant provider. LDAP with group-to-role mapping.

RBAC

Admin / operator / viewer roles at launch, per-device-group ACL on the roadmap. Role changes take effect on next token refresh.

Audit log

Auth events, config changes, and admin actions written to an append-only log. Checksum-chained audit log Q3 2026.

Federation

jallarhorn-farm aggregates multiple control instances. Partial-results tolerance on the X-Partial-Results header. Write-proxy routes to the correct control.

Invite-only registration

No open signup on an enterprise install. Admins invite by email with scoped role and expiring invite tokens.

httpOnly JWT cookies

Session cookies are httpOnly, Secure, SameSite=Lax. API keys use SHA-256 hashing with timing-safe comparison. No plaintext secrets at rest.

Mobile

A Progressive Web App, not a native shell around a web view.

PWA

Installable on iOS 16.4+ and Android. Manifest, service worker, mobile-responsive layout from 375px up.

Web Push New

VAPID-signed push delivered to installed PWAs. Works on desktop and mobile without an app-store roundtrip.

/monitor view

A phone-optimized status view for on-call engineers. Big tap targets, current alerts, quick ack.

Roadmap

Dates are targets, not commitments. Everything below is explicitly not on the site as shipping today.

Flow collection Q3 2026

Native NetFlow v5/v9, sFlow, and IPFIX collector. Until this ships, we do not list flow support as available.

White-label portal Q3 2026

Per-tenant branding, custom domain, and read-only customer portal for MSP use.

Native iOS and Android apps Q4 2026

Until native apps ship, Jallarhorn on mobile is the PWA. We will not claim "native apps available" before they are in the stores.

Try it on a real network.

Free tier, 10 devices, every protocol. Same binary as the paid tiers.