SecuMon

SecuMon PlatformArchitecture & Components

A comprehensive microservices architecture built for scale, security, and reliability. Monitor your entire IT/OT infrastructure from a single platform.

Microservices Architecture

SecuMon is built on a modern, scalable microservices architecture with secure communication over WireGuard VPN.

SecuMon Agent

Lightweight Go Binary (~10MB)

WireGuard Tunnel (Encrypted)

Auto-provisioned gRPC over mTLS

Collector

gRPC Gateway

API

REST + WebSocket

Alerting

Multi-channel

Grafana

Visualization

TimescaleDB

Time-series metrics

PostgreSQL

Config & metadata

Redis

Cache & real-time

Core Components

Enterprise-grade components designed for reliability and performance

SecuMon Agent

Lightweight Go binary (~10MB) deployed on each monitored server. Collects CPU, memory, disk, network, and process metrics with minimal resource usage (<50MB RAM, <1% CPU).

Probe Scanner

External monitoring from multiple locations. Performs ping, traceroute, port scanning, SSL/TLS analysis, and HTTP/HTTPS checks for comprehensive network visibility.

Collector Node

Central aggregation point with gRPC gateway for high-throughput metric ingestion. Auto-provisions WireGuard tunnels and handles 100,000+ metrics/second.

REST API

44+ endpoints for querying metrics, managing agents, configuring alerts. Supports JWT auth, WebSocket streaming, and real-time data access with <100ms latency.

Alerting Engine

Intelligent multi-channel alerting with customizable rules, thresholds, and escalation policies. Supports Email, Slack, Webhook with <10s alert latency.

Grafana Dashboards

3 pre-configured dashboards (System Overview, Network/Process, Alerts) with automatic TimescaleDB integration for powerful data visualization.

Comprehensive Metrics Collection

CPU Metrics

  • • Usage percentage
  • • Load average (1/5/15 min)
  • • Per-core utilization
  • • Context switches

Memory Metrics

  • • RAM usage & available
  • • Swap utilization
  • • Cache & buffers
  • • Memory pressure

Disk Metrics

  • • Space per partition
  • • Inode usage
  • • I/O statistics (IOPS)
  • • Read/write throughput

Network Metrics

  • • Bandwidth per interface
  • • Packets & errors
  • • Active connections
  • • TCP/UDP statistics

Enterprise Security Built-In

End-to-End Encryption

All communication over WireGuard VPN with mTLS. AES-256-GCM encryption at rest for sensitive data.

Multi-Tenant Isolation

Row-Level Security (RLS) in PostgreSQL ensures complete data isolation between clients.

SSO Integration

JumpCloud SSO for super admin access. Support for SAML, OAuth2, and TOTP MFA.

Intelligent Data Retention

Data TypeGranularityRetention
Raw Metrics1 minute30 days
Aggregated (5min)5 minutes90 days
Aggregated (1h)1 hour365 days
AlertsRaw365 days
EventsRaw180 days

* Custom retention policies available on Enterprise plans

Ready to deploy SecuMon?

Get started in minutes with our Docker/Kubernetes deployment or contact us for on-premise setup.

Start Free TrialView Documentation