See who is connected and why it matters.
Follow active and recently observed public connections with direction, process, service, port, approximate location, ISP, ASN, and correlated application context.
EdgeWatch brings network activity, service health, security posture, private tunnels, and Plex activity into one focused command center for self-hosted infrastructure.
EdgeWatch connects those signals so you can move from a vague alert to useful context without bouncing between terminals, dashboards, and service pages.
Follow active and recently observed public connections with direction, process, service, port, approximate location, ISP, ASN, and correlated application context.
Review UFW, cloud firewall attachment, public listeners, SSH configuration, login activity, certificates, DNS alignment, updates, AppArmor, time sync, and prioritized findings.
Track services, public endpoints, private tunnel paths, TLS state, failed units, journal warnings, resource pressure, and availability from one place.
See viewer, player, source, output, bandwidth, progress, secure and relay state, plus Direct Play, Direct Stream, and transcode classification.
Viewer and administrator experiences keep everyday monitoring clean while protecting configuration, credentials, notifications, protection policies, and audit history.
EdgeWatch correlates low-level network observations with the services and sessions you actually care about. The result is a faster path from “something connected” to “this device is streaming through this route at this bandwidth.”
EdgeWatch uses explicit trust boundaries, least privilege, secret isolation, local assets, and bounded storage to reduce the monitoring system's own attack surface.
The collector reads protected host state. The web service remains unprivileged and consumes sanitized monitoring data.
The privileged collector does not expose a network socket or accept browser input.
Credentials remain in protected files and are excluded from the live browser snapshot.
Core assets, map data, and GeoIP enrichment can stay local, without analytics or remote IP lookup calls.
Clear boundaries matter. EdgeWatch is a focused edge monitoring and operations platform. It does not claim to replace a SIEM, IDS, EDR, malware scanner, vulnerability platform, or external attack-surface scanner.
EdgeWatch runs close to the edge so it can read the host, tunnel, service, and connection state that generic remote monitoring often misses.
Near real-time cycle
Fast operational state and session visibility.
Third-party browser calls
Core dashboard assets remain local.
Focused command center
Network, security, services, and media context.
Understand the VPS, reverse proxy, public listeners, certificates, DNS, traffic, and resources that keep your services reachable.
Follow WireGuard peer health and the private routes connecting public entry points to services behind the tunnel.
Watch Plex availability, active sessions, stream methods, users, devices, bandwidth, and route context in the same operational view.
EdgeWatch is intentionally specific about what it observes, how it is deployed, and what it does not pretend to be.
EdgeWatch combines public connections, traffic, listeners, SSH activity, host and cloud firewall state, WireGuard, endpoints, TLS, DNS, services, system health, findings, notifications, and Plex activity.
No. EdgeWatch observes operating system, socket, service, configuration, API, and application state. It does not capture or inspect packet payloads.
No. It is a focused edge monitoring and operational security command center. It complements broader security tools rather than replacing them.
The current architecture runs the web application on loopback behind Caddy and an identity layer. The collector and browser-facing service are separated by privilege and data boundaries.
No. Plex visibility is one part of a larger platform covering the public edge, private tunnels, service availability, security controls, and host operations.
The R11 upgrade package includes the current EdgeWatch command center, administration workspace, Microsoft Entra integration, protection controls, and installation validation.
Send a message through the secure form. The destination address stays in private server configuration and is never exposed in the website source.