Platform Capabilities
Every feature you need.
Nothing you don't.
HostAtlas gives your team complete infrastructure visibility — from auto-discovery and real-time monitoring to incident response and compliance. One agent. One platform. Every capability listed here.
Discovery & Mapping
Know what's running. Everywhere.
HostAtlas automatically discovers every server, service, domain, container, and certificate in your infrastructure. No manual inventory. No stale spreadsheets. Just install the agent and watch your infrastructure map itself.
Auto-Discovery
The agent automatically detects servers, running services, hosted domains, Docker containers, and SSL certificates. Discovery runs continuously so your inventory is always current — no manual updates required.
Atlas Graph
Visualize your entire infrastructure as an interactive topology map. See relationships between servers, services, domains, and containers at a glance. Drill into any node to see its details, metrics, and connections.
Infrastructure Search
Find anything in your infrastructure instantly. Search by domain name, hostname, IP address, service type, or container name. Results link directly to the relevant server, domain, or service detail page.
Domain Management
Every discovered domain gets its own page showing the hosting server, web server configuration, SSL certificate status, health check history, and access logs. One view for everything about a domain.
Container Tracking
Automatically discover and monitor Docker and containerd containers. Track container state, image versions, port mappings, and resource usage. Know when containers start, stop, or restart unexpectedly.
Docker Compose Detection
Automatically detects Docker Compose projects and groups containers by project. Shows volumes, networks, resource limits, and restart policies. Container events track lifecycle (start, stop, crash, OOM) in real time.
Container Image Scanning
Scan Docker images for known CVEs using Trivy or Docker Scout. One-click vulnerability assessment with severity breakdown (critical, high, medium) and fix recommendations per package.
Service Detection
Detects nginx, Apache, MySQL, PostgreSQL, Redis, Caddy, and more. The agent identifies running service processes, versions, and listening ports — then continuously monitors their presence and health.
Hosting Provider Detection
Automatically identifies hosting providers for all your servers from IP address ranges. Supports 51 providers including AWS, Hetzner, DigitalOcean, OVH, Vultr, and more. Track provider status and outages across your fleet.
Domain Map
Visualize the full chain from hosting provider to server to domain. See which providers host which servers and which domains run on each. Instant clarity on your infrastructure distribution across providers.
Infrastructure Heatmap
Datadog-style resource visualization showing CPU, memory, and disk utilization across all servers at a glance. Color-coded cells highlight hotspots and underutilized resources. Identify capacity issues before they become outages.
Kubernetes Monitoring
Auto-detected when kubectl is available on a server. Tracks nodes (CPU/RAM/status), pods across all namespaces, deployments (ready state), services, and cluster summary. Problem pods — CrashLoopBackOff, ImagePullBackOff, pending — surfaced immediately in a dedicated dashboard.
Proxmox VE Monitoring
Automatically detects Proxmox VE nodes via pvesh. Monitors node resource usage (CPU, RAM, disk), lists all QEMU virtual machines and LXC containers with their status and resource allocation, and tracks storage pool utilization across the cluster.
Monitoring
Metrics that matter. Updated in real time.
System metrics collected every 15 seconds. Domain health checks every 5 minutes. SSL expiration tracked daily. All delivered to your dashboard over WebSockets — no page refresh required.
System Metrics
Per-core CPU utilization, RAM breakdown (used, cached, buffers), disk usage per mount point, network I/O per interface, load average, and swap usage. Granular data with historical charts and time-range selection.
Domain Health Checks
HTTP pings every 5 minutes for every discovered domain. Track HTTP status codes, response times, and TLS handshake durations. Detect downtime within minutes and see uptime percentages over any time range.
SSL Certificate Monitoring
Continuous tracking of every SSL certificate's expiration date. Automatic 14-day warning alerts before expiry. Detects certificate renewals and updates the dashboard instantly. Never let a cert expire silently again.
Server Offline Detection
When a server's agent hasn't reported in for more than 5 minutes, HostAtlas marks the server as offline and triggers alerts. Distinguishes between network blips and genuine outages using consecutive missed check-ins.
Custom Dashboards
Build dashboards with KPI cards, time-series charts, and list widgets. Select time ranges from 1 hour to 30 days. Pin the metrics that matter most to your team and share dashboards across your organization.
Real-time WebSockets
Live metric updates streamed directly to your browser. Server status changes, new discovery events, and alert triggers appear instantly. No polling, no page refreshes — just a persistent connection to your infrastructure.
Database Monitoring
Deep monitoring for MySQL, PostgreSQL, MongoDB, Redis, Elasticsearch, Memcached, CockroachDB, and ClickHouse. Track connections, queries per second, replication lag, cache hit ratios, and database-specific health metrics.
Service Plugins
21 built-in service plugins auto-detect and collect metrics from the services running on each server. Includes RabbitMQ (queue depth, consumers, message rates), Kafka (topics, consumer group lag), HAProxy (frontend/backend sessions, error rates), Varnish (cache hit rate, ban list), Postfix (queue sizes, delivery rates), and more.
Database Backups
On-demand and scheduled backups for all supported database types. Pre-flight checks validate connectivity and permissions before backup starts. Live polling shows backup progress in real time with download links on completion.
Container Detail Pages
Dedicated detail pages for every Docker container with real-time CPU, memory, and network stats. Stream container logs directly in the browser. Restart containers remotely without SSH access to the host server.
Anomaly Detection
Z-score based anomaly detection learns your infrastructure's baseline behavior and alerts on deviations. Automatically detects unusual CPU, memory, disk, and network patterns without manual threshold configuration.
DNS Monitoring
Continuously monitors DNS records for all your domains and alerts on changes. Detects unauthorized modifications, tracks A/AAAA/MX/TXT record history, and intelligently skips CDN-proxied domains to avoid false positives.
Alerting & Notifications
Get notified before it becomes an outage.
Define threshold-based alert rules for any metric. Route notifications to Slack, email, PagerDuty, or webhooks. Set up escalation policies so the right people are reached at the right time.
Metric Alert Rules
Create threshold-based rules for CPU, RAM, disk, load average, swap, and network metrics. Set warning and critical thresholds with configurable evaluation windows and cooldown periods to prevent alert fatigue.
Multi-channel Notifications
Deliver alerts where your team works. Slack channels, email addresses, PagerDuty services, and custom webhook endpoints. Configure multiple channels per alert rule so nobody misses a critical notification.
Escalation Policies
Define tiered escalation with configurable timeouts. If the primary on-call doesn't acknowledge within your time window, the alert automatically escalates to the next tier. Ensure every critical alert reaches someone.
Maintenance Windows
Schedule maintenance windows to suppress alerts during planned work. Specify which servers or services are affected and for how long. Alerts resume automatically when the window closes — no manual cleanup needed.
Alert Delivery Tracking
Track the delivery status of every notification. See sent, delivered, and failed statuses with timestamps. Detailed delivery logs help you troubleshoot when a Slack webhook fails or an email bounces.
Cooldown Periods
Prevent alert storms with configurable cooldown periods. After an alert fires, HostAtlas suppresses duplicate notifications for the specified duration. Stay informed without being overwhelmed during cascading failures.
Auto-Recovery Rules
Define recovery policies per service: manual, auto-restart once, or auto-restart with limits. When a service crashes, HostAtlas detects it via the agent and automatically restarts it based on your policy — with cooldown and rate limiting to prevent restart loops.
Incident Management
From crash detection to root cause in one place.
When a service crashes, HostAtlas automatically captures system metrics, collects relevant logs, and builds a chronological timeline. Everything you need to diagnose and resolve — without SSH-ing into a server.
Automatic Crash Detection
The agent monitors service processes and detects when they disappear. When a monitored service like nginx, MySQL, or PostgreSQL stops running unexpectedly, an incident is created automatically within seconds.
Log Collection
At the moment of crash detection, the agent captures error logs, syslog entries, and dmesg output from a configurable window around the crash event. Critical context is preserved automatically, not after the fact.
Metrics Snapshots
CPU utilization, memory usage, disk I/O, and load average at the exact moment of the crash are captured and attached to the incident. Compare crash-time metrics against baseline to identify resource exhaustion patterns.
Incident Timeline
Every incident includes a chronological sequence of events — process disappearance, log entries, metric spikes, alert notifications sent, and follow-up checks. Read the full story of what happened and when.
Follow-up Collection
Two minutes after a crash is detected, the agent collects follow-up data — restart attempt logs, current process state, and post-crash metrics. See whether the service recovered on its own or needs manual intervention.
Manual Incidents
Not every issue is detected automatically. Create manual incidents for external problems — DNS failures, third-party outages, or application-level bugs. Attach notes, assign severity, and track resolution alongside automated incidents.
Heartbeat Monitoring
Know when your cron jobs and background tasks fail.
Create HTTP ping endpoints for any scheduled job. HostAtlas tracks every ping, measures job duration, and alerts you when expected pings don't arrive on time. No more silent cron failures.
Cron Job Monitoring
Create a heartbeat endpoint and add a single curl command to your cron job. HostAtlas receives the ping, records the timestamp, and confirms the job ran. If the ping never arrives, you get alerted.
Job Duration Tracking
Use start and finish endpoints to measure how long each job takes. Track duration trends over time and detect when a job starts running slower than expected. Set duration thresholds to catch performance regressions early.
Missed Detection
Configure the expected interval and a grace period for each heartbeat. If a ping doesn't arrive within the expected window plus grace, HostAtlas marks it as missed and triggers your notification channels.
Success/Failure Endpoints
Report explicit success or failure status from your jobs. Hit the success endpoint when the job completes normally or the failure endpoint when it encounters an error. HostAtlas tracks both states and alerts on failures.
Custom Payloads
Send JSON payloads with your pings to include custom metrics — rows processed, files synced, errors encountered, or any data your job produces. Payloads are stored and displayed alongside the ping history.
Auto-generated curl Commands
Every heartbeat comes with ready-to-copy curl commands for start, success, and failure endpoints. Paste them into your crontab, shell scripts, or CI/CD pipelines. No SDK, no library — just HTTP.
Logs & Observability
See what happened. Without SSH.
Access server logs from your browser. Stream logs in real time, query historical data by time range, and track configuration changes across your infrastructure. Cloudflare LogPush integration for edge-level visibility.
Log Management
Access server logs without opening an SSH session. Stream logs in real time from any monitored server directly in your browser. Filter by service, severity, and time range to find exactly what you need.
Time-range Queries
Query historical log data by specifying a start and end time. Investigate issues after the fact by narrowing down to the exact window when something went wrong. Export results for offline analysis.
Log Path Discovery
The agent automatically discovers log file locations for detected services. No manual configuration of log paths. When nginx, Apache, MySQL, or other services are found, their log files are located and made accessible.
Cloudflare LogPush
Ingest Cloudflare LogPush data for edge-level visibility. Analyze HTTP traffic patterns, WAF events, bot detection results, and cache performance. Correlate edge logs with server-side metrics for complete request tracing.
Infrastructure Timeline
A chronological feed of everything happening across your infrastructure — server status changes, service discoveries, alert triggers, incidents, and configuration changes. Filter by severity to focus on what matters.
Configuration Change Detection
Detect changes to nginx configs, Apache virtual hosts, and system configuration files. HostAtlas tracks configuration state and alerts you when files are modified. Correlate config changes with incidents for faster root cause analysis.
Security & Compliance
Built for teams that take security seriously.
Role-based access control, immutable audit logs, two-factor authentication, and encryption at every layer. The agent communicates outbound-only with whitelisted commands. Your infrastructure data stays isolated in your tenant.
Role-Based Access Control
Four built-in roles — Owner, Admin, Member, and Viewer — with granular permissions for every action. Control who can create alert rules, manage servers, invite team members, or view sensitive infrastructure data.
Audit Logging
Every user action is recorded in an immutable audit log — logins, role changes, alert rule modifications, server deletions, and API key rotations. Filter by user, action type, or time range. Audit logs cannot be modified or deleted.
2FA / TOTP
Protect accounts with time-based one-time passwords using any authenticator app. Recovery codes are generated at setup for account access if the authenticator device is lost. Enforce 2FA across your entire organization.
Agent Security
The agent communicates outbound-only — no inbound ports are required. Authentication uses per-server tokens. All commands the agent can execute are explicitly whitelisted. The agent binary is signed and verifiable.
Encryption
TLS encryption for all data in transit. API keys are stored as SHA-256 hashes. User passwords are hashed with bcrypt. Sensitive configuration values are encrypted at rest. No plaintext secrets anywhere in the system.
Multi-tenancy
Complete tenant isolation at every layer. Your servers, metrics, logs, and configuration are invisible to other tenants. Database-level separation ensures no data leakage between organizations, even in shared infrastructure.
Security Scanner
Automated CVE detection powered by the Debian Security Tracker. Scans installed packages for known vulnerabilities and flags affected servers. Severity-ranked results with remediation guidance so you can patch what matters first.
Compliance Hub
GDPR data export, session management, login history, enforced 2FA, and a complete audit log — all in one place. Track compliance posture across your organization and generate reports for auditors and stakeholders.
Firewall Management
Fail2Ban & UFW. Managed from one UI.
View jails, ban IPs, manage firewall rules, and auto-install security tools — all from the HostAtlas dashboard. No SSH required. Integrates directly with Attack Mode for real-time threat response.
Fail2Ban Dashboard
View all jails with status, banned IP count, ban time, and filter config. Expand any jail to see the full banned IP list. Unban with one click. Manual ban form with jail selector and custom duration.
UFW Rule Management
Full rule table with port, action, source, and comment. Add new allow/deny/reject rules. Delete rules with confirmation. Enable or disable UFW — with automatic SSH lockout protection.
One-Click Install
If Fail2Ban or UFW isn't installed, HostAtlas shows an install button. One click and the agent installs, configures sane defaults (sshd jail, SSH allow rule), and starts the service.
Ban Event History
Every ban and unban is tracked — whether triggered automatically by Fail2Ban or manually from the UI. Timeline view with IP, jail, source, and timestamp.
Attack Mode Integration
When Attack Mode is active, the dashboard shows Fail2Ban status alongside live attack data. See which jails are catching attackers. Ban through fail2ban, iptables, or Cloudflare.
Firewall Auto-Setup
Create an automation that installs Fail2Ban and UFW on every new server. Configure default jails, ban times, and allowed ports — applied automatically when a new server connects.
Cron Job Management
View, create, and delete cron jobs. From the dashboard.
The agent discovers all crontabs on every server automatically. See schedules in human-readable format, create new jobs with presets, delete old ones with one click, and link crons to heartbeat monitors for execution tracking.
Cron Discovery
The agent reads all crontabs for all users and system cron directories. Every cron job appears automatically in the dashboard with its schedule, command, and owner.
Create & Delete
Create cron jobs from the UI with a command, user selector, and schedule. Delete existing jobs with one click. The agent writes and removes crontab entries remotely.
Schedule Presets
Pick from common presets — every minute, hourly, daily at midnight, weekly, monthly — or write a custom cron expression. Human-readable schedule display for every entry.
Heartbeat Monitoring
Link any cron job to a heartbeat monitor. When the cron runs, it pings the heartbeat endpoint. If the ping stops, you get alerted. No more silent cron failures.
Automations & Workflows
Automate the repetitive. Focus on what matters.
22 built-in automation types that handle routine infrastructure tasks. From scheduled backups to auto-blocking malicious IPs, automations run on your schedule with full execution logs and visual flow cards.
22 Automation Types
Scheduled Backup, SSL Renewal, Disk Cleanup, Stale Server Detection, Service Recovery, Container Restart, Auto-Block IPs, DB Maintenance, Log Pattern Alert, Domain Expiry, Config Rollback, Webhook Action, Scale Recommendation, Deploy Hook, Maintenance Suppress, and 7 more types covering queue management, security scanning, and pipeline triggers.
Visual Flow Cards
Each automation is represented as a visual flow card showing trigger conditions, actions, and target resources. See at a glance what each automation does, when it runs, and which servers or services it affects.
Execution Logs
Every automation execution is logged with timestamps, status, duration, and output. Review what ran, when it ran, and whether it succeeded or failed. Debug failed automations with detailed error messages and stack traces.
Operations
Deploy, defend, and execute — all in one place.
Track every deployment, monitor CI/CD pipeline health, run remote scripts, and respond to attacks in real time. Operations brings the full lifecycle of infrastructure changes into HostAtlas.
CI/CD Pipeline Monitoring
Track every GitHub Actions workflow run and GitLab CI pipeline in one dashboard. See status (success, failure, running, cancelled), duration, triggered-by, and branch for each run. Success rate and avg duration over the last 30 days with failure trend detection. Connect via the existing incoming webhook URL — no new token required.
Deploy Tracking
Log every deployment with commit SHA, branch, deployer, and timestamp. Triggered from GitHub push webhooks, GitLab push hooks, or any CI/CD tool. Correlate deploys with metric spikes, incidents, and alerts on the infrastructure timeline.
Recipes & Remote Scripts
Save reusable scripts as Recipes and run them on any server directly from the dashboard. Multi-step execution with per-step output and status. Run as any system user. Full execution history with timestamps, output, and exit codes. No SSH session needed.
Under Attack Mode
Activate with one click to shift the agent into 5-second high-frequency collection. A live dashboard tracks attacking IPs, connection states, requests/sec, and SYN flood indicators. One-click IP ban via ufw/iptables. Cloudflare Under Attack Mode toggle. After deactivation, all data is saved as an incident with AI attack analysis.
Domain Provisioning
Provision a new domain in seconds — HostAtlas creates the web root, writes the vhost config from a customizable template, reloads the web server, and requests an SSL certificate automatically. Supports nginx, Apache, and Caddy with a full progress UI showing each provisioning step in real time.
Postmortem Reports
Generate branded PDF reports directly from incidents. Includes timeline, root cause analysis, affected services, resolution steps, and AI-generated summary. Send postmortems to stakeholders without copying data into a separate document.
Insights & Analytics
Intelligence that drives better decisions.
Go beyond raw metrics with actionable insights. Security vulnerability scanning, cost optimization recommendations, dependency analysis, incident statistics, and capacity forecasting — all generated from your infrastructure data.
Security Scanner
Continuous CVE scanning across all servers. Identifies vulnerable packages, ranks by severity, and provides remediation steps. Track your security posture over time and get alerted when new vulnerabilities affect your fleet.
Cost Optimization
Identify underutilized servers, oversized instances, and wasted resources. Get right-sizing recommendations based on actual usage patterns. Know exactly where you can cut costs without impacting performance.
Dependency Impact Analysis
Understand the blast radius of any server or service failure. See which domains, containers, and dependent services would be affected. Make informed decisions about maintenance windows and change management.
Incident Statistics
Track mean time to detect, mean time to resolve, incident frequency, and recurring failure patterns. Break down incidents by server, service, and severity. Measure your team's incident response performance over time.
Capacity Forecasting
Project when servers will run out of disk space, memory, or CPU headroom based on historical growth trends. Plan infrastructure scaling before capacity becomes an emergency. Data-driven provisioning decisions.
AI Infrastructure Assistant
Ask questions about your infrastructure in natural language. Get instant answers about server status, root cause analysis, optimization recommendations, and security insights. Smart model routing uses Haiku for simple queries and Sonnet for complex analysis to keep costs low.
macOS Notification App
Native macOS menu bar app for real-time infrastructure notifications. Glass-design panel with notification cards, severity indicators, and one-click actions. OAuth login syncs with your HostAtlas account.
Team & Organization
Infrastructure visibility for the whole team.
Invite your team, assign roles, organize infrastructure into workspaces, and share status with your customers. HostAtlas is built for collaboration — not just for the person who set it up.
Team Management
Invite team members by email and assign roles immediately. Manage active members, revoke access instantly, and track who has access to what. Simple invitation flow with no complex provisioning required.
Workspaces
Organize your infrastructure into logical groups. Separate production from staging, client A from client B, or US servers from EU servers. Each workspace provides a focused view of the servers and services that belong to it.
Tagging System
Apply key-value tags to servers, domains, services, and containers. Use tags for filtering, grouping, and organizing. Tags propagate through the UI — filter your dashboard, alert rules, or search results by any tag combination.
Status Pages
Create public-facing status pages for your customers and stakeholders. Display the operational status of your services, post incident updates, and show uptime history. Customizable branding to match your identity.
Scheduled Reports
Generate daily, weekly, or monthly infrastructure reports as branded PDFs. Choose from 20 report sections including server overview, incident summary, security scanner, compliance status, and capacity forecasts. Custom PDF templates with your branding.
Daily Summary Emails
Every morning, tenant owners receive an AI-generated infrastructure summary covering server health, open incidents, expiring certificates, and recent alerts. Stay informed without logging in.
API & Integrations
Extend, automate, and integrate.
A comprehensive REST API with scoped API keys. Outgoing webhooks with HMAC signatures. Native integrations with Slack, PagerDuty, and Cloudflare. Build on top of HostAtlas or plug it into your existing toolchain.
REST API
Comprehensive API endpoints for every resource — servers, services, domains, containers, metrics, alerts, incidents, and heartbeats. JSON responses with consistent pagination, filtering, and error handling.
API Key Management
Create scoped API keys with fine-grained permissions. Set expiration dates and rotate keys without downtime. Each key has a description and last-used timestamp so you always know which integrations are active.
Outgoing Webhooks
Configure webhook subscriptions for any event type. Every payload includes an HMAC-SHA256 signature for verification. Retry failed deliveries automatically. Inspect delivery logs to troubleshoot integrations.
Slack Integration
Send alert notifications directly to Slack channels. Rich message formatting with severity indicators, affected resources, and direct links to the HostAtlas dashboard. Configure multiple Slack channels for different alert types.
PagerDuty Integration
Trigger PagerDuty incidents directly from HostAtlas alerts. Map alert severities to PagerDuty urgency levels. When alerts resolve in HostAtlas, the corresponding PagerDuty incident is resolved automatically.
Cloudflare Integration
Connect your Cloudflare account to ingest LogPush data. Analyze edge traffic, WAF events, bot scores, and cache hit ratios alongside your server-side metrics. Complete visibility from edge to origin.
Provider Connections
Connect your cloud and DNS providers for deeper integration. Supported: Hetzner Cloud, DigitalOcean, Cloudflare, INWX, Namecheap for DNS management. Jira, Linear, and GitHub Issues for automatic ticket creation from alerts.
Domain Provisioning
Provision new domains directly from the dashboard. HostAtlas creates the directory structure, writes the vhost config, reloads the web server, and requests an SSL certificate — all automatically via the agent. Supports nginx, Apache, and Caddy with customizable vhost templates.
The Agent
Lightweight. Secure. Zero configuration.
A single Go binary under 10 MB with no external dependencies. Install with one command, configure with a simple YAML file, and let it handle the rest. Outbound-only communication means no inbound ports to worry about.
Lightweight Go Agent
Written in Go for minimal resource usage. The compiled binary is under 10 MB with zero external dependencies. Runs as a system service with negligible CPU and memory footprint — you won't notice it on your server.
One-line Installation
A single curl command downloads the agent, configures the system service, and starts auto-discovery immediately. No package managers, no compilation, no dependency resolution. From zero to monitored in 30 seconds.
Outbound-only Communication
The agent only makes outbound HTTPS connections to HostAtlas servers. No inbound ports are opened. No SSH tunnels. No reverse proxies. Your server's firewall rules stay exactly as they are.
Self-update Capability
The agent checks for new versions and updates itself automatically. No SSH sessions needed to roll out agent updates across your fleet. Updates are applied gracefully with zero downtime to monitoring coverage.
YAML Configuration
Simple YAML configuration for agent behavior — server token, API endpoint, log level, and optional custom tags. Sensible defaults mean most deployments require no configuration changes beyond the initial token setup.
Command Whitelisting
Every command the agent can execute is explicitly defined and whitelisted. The agent cannot run arbitrary commands on your server. This security boundary is enforced at the binary level, not by configuration.
0+
Features across 10 categories
0
Service types auto-detected
0
Notification channels
0s
Agent install to first data
Get started
Ready to see everything in your infrastructure?
Start with the free plan. Install the agent on your first server. Auto-discovery begins in seconds and you'll have complete visibility within minutes. No credit card required. No sales call needed.
Quick install
$ curl -sSL https://install.hostatlas.app/install.sh | sudo bash -s -- --key=SERVER_KEY_