30 open-source projects similar to keephq/keep, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Keep alternative.
VictoriaMetrics is a high-performance, scalable time series database and observability platform designed for long-term storage and analysis of metric, log, and trace data. It functions as a unified backend for monitoring ecosystems, offering full compatibility with industry-standard protocols and query languages. The system is built to handle massive data volumes through a distributed architecture that supports horizontal scaling and efficient data lifecycle management. The platform distinguishes itself through a storage engine that utilizes consistent hashing for data sharding and log-struct
Alertmanager is a monitoring notification gateway and routing service that deduplicates, groups, and directs alerts to the correct receivers. It functions as a central manager for Prometheus alerts, using a hierarchical routing tree and label-based matchers to dispatch notifications to external services. The system employs a peer-to-peer mesh network to coordinate multiple instances in a high availability cluster, ensuring continuous alert processing. It features a dedicated inhibition engine and grouping mechanisms to reduce notification noise by suppressing redundant alerts when related iss
Nightingale is a Prometheus-compatible monitoring and alerting platform designed to centralize telemetry management across multiple time-series databases. It functions as a multi-source alerting engine and metric data pipeline that ingests telemetry via remote write protocols and triggers alarms based on data from sources such as Prometheus, Elasticsearch, Loki, and ClickHouse. The system is distinguished by its automated alert healing system, which executes predefined scripts and RPC-based corrective actions when monitoring thresholds are breached. It supports distributed alert processing, a
dockprom is a monitoring stack based on Prometheus and Grafana designed to track the performance of Docker containers and their underlying hosts. It functions as a complete solution for gathering real-time metrics and displaying them through a self-hosted dashboard. The project includes a suite of tools for collecting container and host metrics, as well as a discovery tool specifically for automatically identifying and adding tagged EC2 instances to the monitoring configuration. The system covers several observability areas, including time-series data storage and the creation of performance
HertzBeat is an agentless monitoring platform designed to collect performance metrics from network devices, databases, and servers without requiring client software. It functions as an infrastructure monitoring dashboard, an alert management system, and a centralized log aggregator using the OpenTelemetry Protocol. The system utilizes a cloud-edge collection hierarchy to scale data gathering across clusters and isolated networks. It distinguishes itself with a flexible extensibility model, allowing users to define new monitoring workflows through configuration-based metric templates and custo
HyperDX is an OpenTelemetry observability platform that provides centralized log management, distributed tracing, and a self-hosted monitoring stack. It functions as a unified system for collecting, indexing, and visualizing logs, metrics, and traces from cloud and container environments. The platform distinguishes itself with specialized tooling for large language model monitoring and session replay, allowing user interactions in the browser to be linked to backend telemetry. It employs schema-less JSON parsing to index structured logs dynamically and uses source maps to resolve minified sta
The AWS Cloud Development Kit is an infrastructure-as-code framework that enables developers to define and provision cloud resources using familiar programming languages. By utilizing construct-based synthesis, it translates high-level, object-oriented code into declarative templates, allowing for the automated management of complex cloud environments through a centralized, code-driven control plane. The framework distinguishes itself through its ability to model infrastructure as a dependency-aware resource graph, ensuring that components are provisioned and updated in the correct order. It
Quarkus is a Kubernetes-native Java framework designed for building high-performance, memory-efficient applications. It utilizes ahead-of-time native compilation to transform Java code into standalone, optimized binaries that eliminate the need for a virtual machine, enabling rapid startup and reduced memory consumption. By performing code augmentation during the build phase, it shifts heavy processing tasks away from runtime, ensuring that applications are optimized for cloud-native environments. The framework distinguishes itself through a unified approach to reactive and imperative program
Crucix is an open-source intelligence system comprising an OSINT aggregator, a geospatial intelligence dashboard, and an LLM intelligence agent. It functions as a real-time signal monitor and automated alerting system designed to collect, analyze, and visualize geopolitical, economic, and satellite data from diverse open-source intelligence sources. The system utilizes large language models to synthesize intelligence feeds, generate actionable trade ideas, and classify signal priority with confidence scores. It features a geospatial visualization interface that plots intelligence events, such
Prometheus is a comprehensive monitoring and alerting platform designed to track infrastructure health and application performance. It functions as a time series database that ingests, indexes, and queries high-frequency numerical data points. By utilizing a pull-based model, the system periodically collects multi-dimensional metrics from monitored targets, storing them in an optimized block storage format that supports high-throughput ingestion and efficient historical analysis. The platform distinguishes itself through a specialized query engine that enables real-time analysis of performanc
HertzBeat is a real-time observability platform that provides agentless monitoring for servers, databases, and networks. It functions as an infrastructure alerting manager, an OpenTelemetry Protocol log aggregator, and a public status page generator. The platform integrates an analysis engine that uses large language models to process monitoring data and generate system insights. It utilizes a cloud-edge collaborative architecture and distributed collector clustering to scale data gathering across large-scale networks. The system covers a broad range of observability capabilities, including
Falcon Plus is an infrastructure monitoring platform designed to aggregate performance metrics from distributed agents and manage infrastructure health alerts. It functions as a containerized service orchestrator and a distributed metrics aggregator, providing a centralized system for routing monitoring data and exposing health statistics via a REST observability interface. The platform features a dedicated system alert manager that evaluates incoming performance data against predefined thresholds to trigger operational alarms. It employs a data pipeline to consolidate real-time metrics from
OpenObserve is a unified observability data platform designed to ingest, store, and analyze logs, metrics, and traces. It functions as a cloud-native monitoring tool that centralizes telemetry from diverse sources, including standard collectors and cloud service providers, into a single, scalable system. By utilizing a columnar storage engine backed by object storage, the platform enables efficient long-term data retention and high-performance analytical querying. The platform distinguishes itself through deep integration with artificial intelligence, allowing users to query data using natura
Velociraptor is a digital forensics and incident response platform, endpoint detection and response system, and visibility tool. It provides a query engine and remote forensic collector used to hunt for indicators of compromise and perform triage across a fleet of hosts. The system is distinguished by its specialized query language for interrogating host state and parsing binary files. It features a notebook environment that combines markdown documentation with executable query cells to standardize investigative workflows and enable collaborative reporting. The platform covers a wide range o
TheHive is a security incident response platform and multi-tenant case management system. It functions as a Security Orchestration, Automation, and Response (SOAR) tool and a threat intelligence platform designed to coordinate security investigations by managing alerts, cases, and observables. The platform is distinguished by its multi-tenant architecture, which isolates data across different organizations while supporting selective cross-tenant sharing. It features a SOAR automation engine capable of executing sandboxed JavaScript logic to automate workflows and trigger response actions thro
Uptrace is an OpenTelemetry-based observability platform designed to collect, store, and analyze distributed traces, metrics, and logs. It functions as a centralized logging backend, a distributed tracing system, and a metrics engine to monitor application performance and system health. The platform is distinguished by AI-powered operational capabilities, allowing users to query telemetry data and manage monitoring dashboards using natural language. It specifically includes specialized monitoring for generative AI pipelines, tracking token usage and response quality for LLM interactions and r
DataHub is a metadata management platform designed to unify technical, operational, and business context across diverse data ecosystems. By utilizing a graph-based metadata model and an event-driven ingestion architecture, it creates a centralized source of truth that maps complex data relationships, lineage, and ownership. This foundational framework enables organizations to maintain a synchronized view of their data landscape, supporting both human-led discovery and automated data operations. The platform distinguishes itself through its focus on grounding artificial intelligence and autono
Faraday is a vulnerability management platform and security tool aggregator designed to centralize security findings from multiple scanners into a single dashboard. It utilizes a relational security database to catalog hosts, services, and security flaws, enabling users to track remediation and analyze organizational risk. The platform distinguishes itself through a plugin-based system that normalizes diverse security tool outputs into a unified data model. It supports deep integration with a wide array of scanners and CLI tools, intercepting shell command output or parsing report files to ag
SigNoz is a full-stack observability platform designed to collect, store, and visualize metrics, logs, and distributed traces in a unified environment. It leverages OpenTelemetry-based data collection to ingest telemetry from diverse sources using vendor-neutral protocols, ensuring interoperability across complex microservices architectures. The platform utilizes a high-performance columnar storage engine to enable rapid aggregation and filtering, providing a centralized backend for monitoring application health and performance. What distinguishes the platform is its focus on automated instru
Security-101 is a vendor-agnostic, foundational cybersecurity learning curriculum organized into modular, framework-aligned modules. It is designed to build core knowledge across multiple security domains without tying content to specific products or platforms, making it suitable for both beginners and professionals seeking a structured introduction to the field. The curriculum is built around established security frameworks, including the MITRE ATT&CK framework for standardized threat analysis and the NIST Cybersecurity Framework for incident response workflows. It covers a broad range of do
KubeSphere is a distributed operating system for cloud-native application management that provides a centralized control plane for Kubernetes clusters. It functions as a comprehensive DevOps portal, enabling teams to orchestrate containerized workloads, manage CI/CD pipelines, and enforce security policies across hybrid cloud, datacenter, and edge environments. The platform distinguishes itself through its multi-cluster federation capabilities and robust multi-tenancy model, which allow for logical resource isolation and granular access control across shared infrastructure. It integrates a mo
CrowdSec is a collaborative, distributed security engine designed for threat detection and infrastructure protection. It functions as an intrusion detection system that parses logs and network traffic to identify malicious patterns, utilizing a bucket-based threshold detection model to aggregate events and trigger alerts. The platform is built on a modular architecture that includes a centralized local API server for managing security signals and a relational database for persistent storage of remediation decisions. What distinguishes the project is its decoupled enforcement model, which offl
This project is a comprehensive educational resource and curriculum focused on site reliability engineering, distributed systems, and infrastructure operations. It provides technical guides, a systems engineering course, and instructional manuals designed to teach the principles of managing large-scale computing environments. The curriculum covers high-level architectural design for scalability and resilience, including fault-tolerant infrastructure, high-availability patterns, and microservices decomposition. It emphasizes the practical application of site reliability engineering through the
This project is a community-curated directory of open-source software designed for deployment in private server environments and home labs. It serves as a comprehensive resource for discovering independent, self-hosted alternatives to mainstream cloud services, enabling users to maintain full data ownership and control over their digital infrastructure. The directory is structured through a hierarchical taxonomy that organizes a vast collection of applications into logical categories, ranging from media management and data analytics to private communication and team productivity tools. It dis
Graylog2-server is an open-source centralized log management system and aggregator. It functions as a log analysis platform designed to collect, index, and analyze log data from multiple sources within a centralized searchable index. The system provides capabilities for enterprise log aggregation and infrastructure monitoring. It enables the gathering of logs from various servers and applications to facilitate log data analysis and root cause troubleshooting across a network. The platform utilizes a distributed indexing pipeline and message-queue based ingestion to handle log streams. It inc
This project is a comprehensive enterprise architecture for building multi-tenant distributed systems, implemented as a Spring Cloud microservices platform. It provides a complete framework for managing microservices, focusing on multi-tenant data architecture and centralized identity provision. The platform is distinguished by its integrated approach to identity and security, utilizing an OAuth2 identity provider to manage single sign-on, role-based access control, and JWT token issuance across distributed services. It further separates organizational boundaries through multi-tenant data iso
Side-Menu.Android is a reusable UI component for Android applications that provides a slide-out navigation drawer. It is designed to help developers organize application sections and user options into a structured, hidden panel that maintains a clean interface for the primary content area. The component distinguishes itself through its visual presentation, which follows Material Design guidelines to ensure a consistent and intuitive user experience. It features a data-driven menu hierarchy that allows for logical grouping of navigation items, and it incorporates fluid circular reveal animatio
This project is a Docker educational resource and a collection of practical examples designed for learning containerization technologies. It serves as a guide for understanding container fundamentals, including the creation and management of custom images and the use of registries. The repository provides specialized references for container security hardening, such as managing kernel privileges and implementing supply chain security. It also includes tutorials for multi-container orchestration and a DevOps guide focused on CI/CD automation and image optimization. The material covers a broad
This project is an open-source, privacy-focused web analytics platform designed for high-throughput data ingestion and multi-tenant data management. It provides a cookie-less tracking engine that captures visitor interactions using ephemeral request metadata, ensuring comprehensive traffic visibility while maintaining strict privacy standards. The architecture utilizes an event-driven ingestion pipeline and aggregated metric storage to decouple data collection from processing, enabling efficient long-term retrieval and responsive dashboard performance. What distinguishes this platform is its
Boto3 is the AWS SDK for Python, providing a programmatic interface for managing and automating AWS cloud infrastructure and services. It serves as a cloud management API client and resource manager for provisioning, configuring, and scaling virtual servers, databases, and storage. The library enables the implementation of infrastructure-as-code through declarative templates and scripts, allowing for the deployment of identical resource stacks across multiple accounts and geographic regions. It also provides a framework for coordinating distributed workflows, serverless functions, and contain