NetAlertX - Network Visibility & Asset Intelligence Framework

📷 Click for more screenshots

Head to https://netalertx.com/ for even more gifs and screenshots 📷.

Centralized network visibility and continuous asset discovery.

Monitor devices, detect change, and stay aware across distributed networks.

NetAlertX provides a centralized "Source of Truth" (NSoT) for network infrastructure. Maintain a real-time inventory of every connected device, identify Shadow IT and unauthorized hardware to maintain regulatory compliance, and automate compliance workflows across distributed sites.

NetAlertX is designed to bridge the gap between simple network scanning and complex SIEM tools, providing actionable insights without the overhead.

Table of Contents

• Quick Start
• Features
• Documentation
• Security & Privacy
• FAQ
• Troubleshooting Tips
• Everything else

Quick Start

[!WARNING]
⚠️ Important: The docker-compose has recently changed. Carefully read the Migration guide for detailed instructions.

Start NetAlertX in seconds with Docker:

docker run -d \
  --network=host \
  --restart unless-stopped \
  -v /local_data_dir:/data \
  -v /etc/localtime:/etc/localtime:ro \
  --tmpfs /tmp:uid=20211,gid=20211,mode=1700 \
  -e PORT=20211 \
  -e APP_CONF_OVERRIDE='{"GRAPHQL_PORT":"20214"}' \
  ghcr.io/netalertx/netalertx:latest

Note: Your /local_data_dir should contain a config and db folder.

To deploy a containerized instance directly from the source repository, execute the following BASH sequence:

git clone https://github.com/netalertx/NetAlertX.git
cd NetAlertX
docker compose up --force-recreate --build
# To customize: edit docker-compose.yaml and run that last command again

Need help configuring it? Check the usage guide or full documentation.

For Home Assistant users: Click here to add NetAlertX

For other install methods, check the installation docs

---

|| Docker guide || Releases || Docs || Plugins || Website

---

Features

Discovery & Asset Intelligence

Continuous monitoring for unauthorized asset discovery, connection state changes, and IP address management (IPAM) drift. Discovery & scan methods include: arp-scan, Pi-hole - DB import, Pi-hole - DHCP leases import, Generic DHCP leases import, UNIFI controller import, SNMP-enabled router import. Check the Plugins docs for a full list of avaliable plugins.

Notification gateways

Send notifications to more than 80+ services, including Telegram via Apprise, or use native Pushsafer, Pushover, or NTFY publishers.

Integrations and Plugins

Feed your data and device changes into Home Assistant, read API endpoints, or use Webhooks to setup custom automation flows. You can also
build your own scanners with the Plugin system in as little as 15 minutes.

Workflows

The workflows module automates IT governance by enforcing device categorization and cleanup policies. Whether you need to assign newly discovered devices to a specific Network Node, auto-group devices from a given vendor, unarchive a device if detected online, or automatically delete devices, this module provides the flexibility to tailor the automations to your needs.

Documentation

Explore all the documentation here or navigate to a specific installation option below.

Supported browsers: Chrome, Firefox

• [Installation] Docker
• [Installation] Home Assistant
• [Installation] Bare metal
• [Installation] Unraid App
• [Setup] Usage and Configuration
• [Development] API docs
• [Development] Custom Plugins

Security & Privacy

NetAlertX scans your local network and can store metadata about connected devices. By default, all data is stored locally. No information is sent to external services unless you explicitly configure notifications or integrations.

Compliance & Hardening:

• Run it behind a reverse proxy with authentication
• Use firewalls to restrict access to the web UI
• Regularly update to the latest version for security patches
• Role-Based Access Control (RBAC) via Reverse Proxy: Integrate with your existing SSO/Identity provider for secure dashboard access.

See Security Best Practices for more details.

FAQ

Q: How do I monitor VLANs or remote subnets?
A: Ensure the container has proper network access (e.g., use --network host on Linux). Also check that your scan method is properly configured in the UI.

Q: What is the recommended deployment for high-availability?
A: We recommend deploying via Docker with persistent volume mounts for database integrity and running behind a reverse proxy for secure access.

Q: Will this send any data to the internet?
A: No. All scans and data remain local, unless you set up cloud-based notifications.

Q: Can I use this without Docker?
A: You can install the application directly on your own hardware by following the bare metal installation guide.

Q: Where is the data stored?
A: In the /data/config and /data/db folders. Back up these folders regularly.

Troubleshooting Tips

• Some scanners (e.g. ARP) may not detect devices on different subnets. See the Remote networks guide for workarounds.
• Wi-Fi-only networks may require alternate scanners for accurate detection.
• Notification throttling may be needed for large networks to prevent spam.
• On some systems, elevated permissions (like CAP_NET_RAW) may be needed for low-level scanning.

Check the GitHub Issues for the latest bug reports and solutions and consult the official documentation.

Everything else

📧 Get notified what's new

Get notified about a new release, what new functionality you can use and about breaking changes.

🔀 Other Alternative Apps

• Fing - Network scanner app for your Internet security (Commercial, Phone App, Proprietary hardware)
• NetBox - The gold standard for Network Source of Truth (NSoT) and IPAM.
• Zabbix or Nagios - Strong focus on infrastructure monitoring.
• NetAlertX - The streamlined, discovery-focused choice for real-time asset intelligence and noise-free alerting.

💙 Donations

Thank you to everyone who appreciates this tool and donates.

Click for more ways to donate

---

• Bitcoin: 1N8tupjeCK12qRVU2XrV17WvKK7LCawyZM
• Ethereum: 0x6e2749Cb42F4411bc98501406BdcD82244e3f9C7

📧 Email me at [email protected] if you want to get in touch or if I should add other sponsorship platforms.

🏗 Contributors

This project would be nothing without the amazing work of the community, with special thanks to:

pucherot/Pi.Alert (the original creator of PiAlert), leiweibau: Dark mode (and much more), Macleykun (Help with Dockerfile clean-up), vladaurosh for Alpine re-base help, Final-Hawk (Help with NTFY, styling and other fixes), TeroRERO (Spanish translations), Data-Monkey, (Split-up of the python.py file and more), cvc90 (Spanish translation and various UI work) to name a few. Check out all the amazing contributors.

🌍 Translations

Proudly using Weblate. Help out and suggest languages in the online portal of Weblate.

License

GPL 3.0 | Read more here | Source of the animated GIF (Loading Animation) | Source of the selfhosted Fonts

All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.