# Observer
AI-powered log security for Linux servers — detects attacks, captures evidence, verifies outcomes
Observer watches your Docker container logs and host system events — sshd, sudo, kernel — classifies threats using an LLM, captures HTTP response evidence, and verifies whether attacks actually succeeded before sending an alert. One accurate finding instead of fifty false alarms.
It ships as a single static Go binary with no runtime dependencies. Docker containers are monitored automatically if Docker is present. If not, Observer watches everything through journald — the policy engine, LLM classification, and email alerts all work on a bare metal server with nothing but sshd.
## Current status

| Item | Status |
| --- | --- |
| Version | v1.0 (April 2026) |
| License | AGPL-3.0 (open core) |
| Runtime | Single Go binary, systemd service |
| LLM | Any OpenAI-compatible endpoint (OpenAI, Ollama, self-hosted) |
| Dashboard | Free hosted dashboard at vaultguardian.io |
| Footprint | Bare metal Linux, Docker, Docker Swarm |
## Where to go next

- Installation: one-command install, manual steps, air-gapped with Ollama, private beta auth notes.
- Configuration: environment variables, LLM provider setup, trusted IPs, Docker socket configuration.
- How It Works: the 5-layer pipeline: Policy Engine → Seeds → Pattern Store → LLM → Evidence.
- What It Catches: policy engine events, deterministic seed patterns, and LLM-classified novel attacks.
- CLI Reference: the `vaultguardian` command — status, logs, stats, updates, version management.
## Core principles
Observer is built around a few hard-edged design decisions:
- Deterministic first, AI second. Known facts resolve via rules. The LLM only handles what rules can't. Policy is identity, not inference.
- Evidence before escalation. No email fires until Observer knows what the server actually returned. Attacks that failed stay quiet.
- One pattern, one payment. Every LLM classification becomes a reusable pattern. Cache hits are free. 97%+ hit rate in production.
- Observer observes. By design, it doesn't block, quarantine, or respond. Response actions (fail2ban, iptables) will be opt-in only.
- Works everywhere. The same binary runs on bare metal, Docker hosts, and Docker Swarm clusters. No sidecars, no agents, no daemons on your containers.