The only agent that thinks for itself

Autonomous Monitoring with self-learning AI built-in, operating independently across your entire stack.

Unlimited Metrics & Logs
Machine learning & MCP
5% CPU, 150MB RAM
3GB disk, >1 year retention
800+ integrations, zero config
Dashboards, alerts out of the box
> Discover Netdata Agents
Try it now
Linux Docker Kubernetes Google Cloud macOS Windows
Open source
Github 76k
668M+ docker pulls

Centralized metrics streaming and storage

Aggregate metrics from multiple agents into centralized Parent nodes for unified monitoring across your infrastructure.

Stream from unlimited agents
Long-term data retention
High availability clustering
Data replication & backup
Scalable architecture
Enterprise-grade security
> Learn about Parents
Data Pipeline Infinite Scalability Netdata Parents

Fully managed cloud platform

Access your monitoring data from anywhere with our SaaS platform. No infrastructure to manage, automatic updates, and global availability.

Zero infrastructure management
99.9% uptime SLA
Global data centers
Automatic updates & patches
Enterprise SSO & RBAC
SOC2 & ISO certified
> Explore Netdata Cloud
Sign In Pricing Plans Data Sovereignty

Deploy Netdata Cloud in your infrastructure

Run the full Netdata Cloud platform on-premises for complete data sovereignty and compliance with your security policies.

Complete data sovereignty
Air-gapped deployment
Custom compliance controls
Private network integration
Dedicated support team
Kubernetes & Docker support
> Learn about Cloud On-Premises
Contact Sales Data Sovereignty Government Solutions

Powerful, intuitive monitoring interface

Modern, responsive UI built for real-time troubleshooting with customizable dashboards and advanced visualization capabilities.

Real-time chart updates
Customizable dashboards
Dark & light themes
Advanced filtering & search
Responsive on all devices
Collaboration features
> Explore Netdata UI
Custom Dashboards Algorithmic Dashboards Troubleshooting

Monitor on the go

Native iOS and Android apps bring full monitoring capabilities to your mobile device with real-time alerts and notifications.

iOS & Android apps
Push notifications
Touch-optimized interface
Offline data access
Biometric authentication
Widget support
> Download apps
App Store Google Play Alerts & Notifications

The future of infrastructure observability

See our strategic direction across AI-native observability, full-stack signals, operational intelligence, and enterprise platform maturity.

AI-native observability
Full-stack signal coverage
Operational intelligence
Enterprise platform maturity
Agent releases every 6 weeks
Cloud continuous delivery
> Explore Product Roadmap
GitHub Releases Request a Briefing Changelog

Best energy efficiency

True real-time per-second

100% automated zero config

Centralized observability

Multi-year retention

High availability built-in

Zero maintenance

Always up-to-date

Enterprise security

Complete data control

Air-gap ready

Compliance certified

Millisecond responsiveness

Infinite zoom & pan

Works on any device

Native performance

Instant alerts

Monitor anywhere

AI-native observability

Continuous delivery

Open source foundation

80% Faster Incident Resolution

AI-powered troubleshooting from detection, to root cause and blast radius identification, to reporting.
Learn & Detect
Correlate
Understand & Act
Unsupervised ML Anomaly Advisor AI Co-Engineer Anomaly Detection Root Cause Analysis AI Reporting
Blast Radius Detection AI Chat
AI-powered observability, always enabled, always running

True Real-Time and Simple, even at Scale

Linearly and infinitely scalable full-stack observability, that can be deployed even mid-crisis.
Automated
Distributed
Scalable
Zero Configuration Distributed Pipeline Real-Time at Scale Algorithmic Dashboards Edge Computing Infinite Scalability Zero Downtime Tiered Retention Extreme Cardinality
Linear scaling, zero single point of failure

90% Cost Reduction, Full Fidelity

Instead of centralizing the data, Netdata distributes the code, eliminating pipelines and complexity.
Metrics
Logs
Alerts
Metrics Management Logs Management Distributed Alerting eBPF Monitoring Zero Pipeline Logs Notifications Tiered Retention
Mobile Apps
Your data stays on-premises; only views stream to the cloud

Single Pane of Glass

Eliminate SSH access for monitoring and troubleshooting systems and applications.
Simple
Powerful
Intelligent
Zero Configuration Troubleshooting AI Co-Engineer Algorithmic Dashboards Live Anomaly Advisor No Query Language Custom Dashboards Root Cause Analysis
Turn junior engineers into experts with guided troubleshooting

Control Without Surrender

SOC 2 Type 2 certified with every metric kept on your infrastructure.
Access
Governance
Operations
Access Control Data Sovereignty Team Collaboration Zero Code Instrumentation Alerts & Notifications Cost Efficiency Zero Downtime
See the Architecture

Integrations

800+ collectors and notification channels, auto-discovered and ready out of the box.

800+ data collectors
Auto-discovery & zero config
Cloud, infra, app protocols
Notifications out of the box
> Explore integrations
AI Automation
Model Context Protocol

Connect any MCP-compatible AI to your observability data. Automate workflows, playbooks, and incident response.

Deploy Anywhere
Multi-Cloud

AWS, GCP, Azure—unified observability across all providers.

Hybrid Cloud

On-prem and cloud infrastructure in a single view.

Data Sovereignty

Your metrics stay on your infrastructure. Always.

Real Results
46% Cost Reduction

Reduced monitoring costs by 46% while cutting staff overhead by 67%.

— Leonardo Antunez, Codyas

Zero Pipeline

No data shipping. No central storage costs. Query at the edge.

From Our Users
"Out-of-the-Box"

So many out-of-the-box features! I mostly don't have to develop anything.

— Simon Beginn, LANCOM Systems

No Query Language

Point-and-click troubleshooting. No PromQL, no LogQL, no learning curve.

Enterprise Ready
67% Less Staff, 46% Cost Cut

Enterprise efficiency without enterprise complexity—real ROI from day one.

— Leonardo Antunez, Codyas

SOC 2 Type 2 Certified

Zero data egress. Only metadata reaches the cloud. Your metrics stay on your infrastructure.

Full Coverage
800+ Collectors

Auto-discovered and configured. No manual setup required.

Any Notification Channel

Slack, PagerDuty, Teams, email, webhooks—all built-in.

Built for the People Who Get Paged

Because 3am alerts deserve instant answers, not hour-long hunts.
Platform Engineers DevOps SREs Developers SysAdmins CISOs Operations Centers DBAs Network Engineers MSPs Freelancers
Ask AI about your next incident

Every Industry Has Rules. We Master Them.

See how healthcare, finance, and government teams cut monitoring costs 90% while staying audit-ready.
AI & ML Technology Finance Gaming Healthcare Retail Manufacturing Telecom Government Education
Built for Operation Centers

Monitor Any Technology. Configure Nothing.

Install the agent. It already knows your stack.
Kubernetes Linux AWS GCP Azure Windows Docker Proxmox VMware Red Hat Hybrid Cloud Hetzner HPC
See all 800+ integrations

Complete Visibility. Total Control.

From install to "what broke and why" in under five minutes—no queries, no guesswork.
LLM Monitoring Infrastructure Monitoring Container Monitoring Synthetic Checks Application Performance Database Monitoring Docker Monitoring Troubleshooting Network Monitoring Web Server Monitoring Systemd Journal Logs Data Centers Windows Event Logs IoT Monitoring Service Mesh Cloud Monitoring Continuous Operations Unified Observability
See the live demo

Don't Take Our Word for It

From 99% less downtime to 30-second troubleshooting—see how they did it.
Falkland Islands Government

Government

Falkland Islands Government

99% less downtime, 30% cloud cost reduction

TMB Barcelona

Transportation

TMB Barcelona

"A rare unicorn that obeys the Pareto rule"

Nodecraft

Gaming

Nodecraft

Troubleshooting in 30 seconds, not 3 minutes

Codyas

Technology

Codyas

46% cost reduction, 67% less monitoring staff

Browse all case studies
From Our Users
"A Rare Unicorn"

Netdata gives more than you invest in it. A rare unicorn that obeys the Pareto rule.

— Eduard Porquet Mateu, TMB Barcelona

99% Downtime Reduction

Reduced website downtime by 99% and cloud bill by 30% using Netdata alerts.

— Falkland Islands Government

Real Savings
30% Cloud Cost Reduction

Optimized resource allocation based on Netdata alerts cut cloud spending by 30%.

— Falkland Islands Government

46% Cost Cut

Reduced monitoring staff by 67% while cutting operational costs by 46%.

— Codyas

Real Coverage
"Plugin for Everything"

Netdata has agent capacity or a plugin for everything, including Windows and Kubernetes.

— Eduard Porquet Mateu, TMB Barcelona

"Out-of-the-Box"

So many out-of-the-box features! I mostly don't have to develop anything.

— Simon Beginn, LANCOM Systems

Real Speed
Troubleshooting in 30 Seconds

From 2-3 minutes to 30 seconds—instant visibility into any node issue.

— Matthew Artist, Nodecraft

20% Downtime Reduction

20% less downtime and 40% budget optimization from out-of-the-box monitoring.

— Simon Beginn, LANCOM Systems

Pay per Node. Unlimited Everything Else.

One price per node. Unlimited metrics, logs, users, and retention. No per-GB surprises.

Free tier—forever
No metric limits or caps
Retention you control
Cancel anytime
> See pricing plans
> See pricing plans

What's Your Monitoring Really Costing You?

Most teams overpay by 40-60%. Let's find out why.

Expose hidden metric charges
Calculate tool consolidation
Customers report 30-67% savings
Results in under 60 seconds
> See what you're really paying
> See what you're really paying

Your Infrastructure Is Unique. Let's Talk.

Because monitoring 10 nodes is different from monitoring 10,000.

On-prem & air-gapped deployment
Volume pricing & agreements
Architecture review for your scale
Compliance & security support
> Start a conversation
> Start a conversation

Monitoring That Sells Itself

Deploy in minutes. Impress clients in hours. Earn recurring revenue for years.

30-second live demos close deals
Zero config = zero support burden
Competitive margins & deal protection
Response in 48 hours
> Apply to partner
> Apply to partner

Per-Second Metrics at Homelab Prices

Same engine, same dashboards, same ML. Just priced for tinkerers.

Community: Free forever · 5 nodes · non-commercial
Homelab: $90/yr · unlimited nodes · fair usage
> Get the Homelab Plan
> Get the Homelab Plan

$1,000 Per Referral. Unlimited Referrals.

Your colleagues get 10% off. You get 10% commission. Everyone wins.

10% of subscriptions, up to $1,000 each
Track earnings inside Netdata Cloud
PayPal/Venmo payouts in 3-4 weeks
No caps, no complexity
> Get your referral link
> Get your referral link
Cost Proof
40% Budget Optimization

"Netdata's significant positive impact" — LANCOM Systems

Calculate Your Savings

Compare vs Datadog, Grafana, Dynatrace

Savings Proof
46% Cost Reduction

"Cut costs by 46%, staff by 67%" — Codyas

30% Cloud Bill Savings

"Reduced cloud bill by 30%" — Falkland Islands Gov

Enterprise Proof
"Better Than Combined Alternatives"

"Better observability with Netdata than combining other tools." — TMB Barcelona

Real Engineers, <24h Response

DPA, SLAs, on-prem, volume pricing

Why Partners Win
Demo Live Infrastructure

One command, 30 seconds, real data—no sandbox needed

Zero Tickets, High Margins

Auto-config + per-node pricing = predictable profit

Homelab Ready
Free Video Course

8-episode Netdata tutorial by LearnLinux.tv

76k+ GitHub Stars

3rd most starred monitoring project

Worth Recommending
Product That Delivers

Customers report 40-67% cost cuts, 99% downtime reduction

Zero Risk to Your Rep

Free tier lets them try before they buy

AI Support Assistant, Available 24/7

Nedi has access to all official documentation, source code, and resources. Ask any question about Netdata—responds in your language.

Deployment & configuration
Troubleshooting & sizing
Alerts & notifications
Evidence-based answers
> Ask Nedi now
> Ask Nedi now

Engineering Insights & Product Updates

Deep dives into monitoring, infrastructure, and what's new in Netdata.
NVIDIA DCGM Collector: Deep GPU Monitoring for Data Center and AI Infrastructure

May 2026

NVIDIA DCGM Collector: Deep GPU …

GPU infrastructure is expensive and …

Misconfigured Alert Detection: Find the Alerts That Need Tuning

Apr 2026

Misconfigured Alert Detection: Find the …

Netdata ships with hundreds of stock alerts. …

Azure Monitor Collector: Monitor Your Entire Azure Infrastructure From Netdata

Apr 2026

Azure Monitor Collector: Monitor Your …

If you’re running infrastructure on …

Database Performance Monitoring: Query-Level Visibility Across 14+ Databases

Apr 2026

Database Performance Monitoring: …

Netdata has always collected database …

Explore all articles

Never Fight Fires Alone

Docs, community, and expert help—pick your path to resolution.

Learn.netdata.cloud docs
Discord, Forums, GitHub
Premium support available
> Get answers now
> Get answers now

60 Seconds to First Dashboard

One command to install. Zero config. 850+ integrations documented.

Linux, Windows, K8s, Docker
Auto-discovers your stack
> Read our documentation
> Read our documentation

Level Up Your Monitoring

Real problems. Real solutions. 112+ guides from basic monitoring to AI observability.
Academy Monitoring 101 Webinars Netdata Tutorial AI Observability Ebook Case Studies YouTube Channel
> Explore all 112+ guides

76,000+ Engineers Strong

615+ contributors. 1.5M daily downloads. One mission: simplify observability.
GitHub Discussions Discord Forums Reddit X / Twitter Open Source
See where 76K+ engineers connect

Per-Second. 90% Cheaper. Data Stays Home.

Side-by-side comparisons: costs, real-time granularity, and data sovereignty for every major tool.

See why teams switch from Datadog, Prometheus, Grafana, and more.

> Browse all comparisons
> Browse all comparisons
Nedi Can Help With
Paste Logs & Errors

Trace issues directly in the source code

Deploy & Size Parents

Get architecture recommendations

Live Status
Netdata Cloud Status

Real-time operational status, incident history, and uptime for all Netdata Cloud services.

> Check system status
Quick Start
One-Command Install

Copy, paste, monitoring in 60 seconds

850+ Integrations

Every collector documented

Learn Path
112+ Technical Guides

PostgreSQL, NGINX, K8s, and more

AI Observability Ebook

Maturity model and implementation

Built in the Open
Star Us on GitHub

76k+ stars and growing daily

Active Discussions

Engineers helping engineers

Migration Program
Migrating from SolarWinds?

Netdata is modern, fast, full-stack observability with per-second metrics, AI-powered troubleshooting, and predictable pricing.

> See migration program
Edge-Native Observability, Born Open Source
Per-second visibility, ML on every metric, and data that never leaves your infrastructure.
Founded in 2016
615+ contributors worldwide
Remote-first, engineering-driven
Open source first
> Read our story
> Read our story
Promises We Publish—and Prove
12 principles backed by open code, independent validation, and measurable outcomes.
Open source, peer-reviewed
Zero config, instant value
Data sovereignty by design
Aligned pricing, no surprises
> See all 12 principles
> See all 12 principles
Edge-Native, AI-Ready, 100% Open
76k+ stars. Full ML, AI, and automation—GPLv3+, not premium add-ons.
76,000+ GitHub stars
GPLv3+ licensed forever
ML on every metric, included
Zero vendor lock-in
> Explore our open source
> Explore our open source
Build Real-Time Observability for the World
Remote-first team shipping per-second monitoring with ML on every metric.
Remote-first, fully distributed
Open source (76k+ stars)
Challenging technical problems
Your code on millions of systems
> See open roles
> See open roles
Meet the Team Behind Netdata
Conferences, meetups, and tradeshows where you can see Netdata in action and talk to the engineers who build it.
Live demos and deep dives
Book 1-on-1 meetings
Talks and panel sessions
Event recaps and photos
> See all events
> See all events
Talk to a Netdata Human in <24 Hours
Sales, partnerships, press, or professional services—real engineers, fast answers.
Discuss your observability needs
Pricing and volume discounts
Partnership opportunities
Media and press inquiries
> Book a conversation
> Book a conversation
Your Data. Your Rules.
On-prem data, cloud control plane, transparent terms.
Terms of Use Terms of Service Privacy Policy Fair Usage Policy
Request a DPA or security package
Trust & Scale
76,000+ GitHub Stars

One of the most popular open-source monitoring projects

SOC 2 Type 2 Certified

Enterprise-grade security and compliance

Data Sovereignty

Your metrics stay on your infrastructure

Validated
University of Amsterdam

"Most energy-efficient monitoring solution" — ICSOC 2023, peer-reviewed

ADASTEC (Autonomous Driving)

"Doesn't miss alerts—mission-critical trust for safety software"

Community Stats
615+ Contributors

Global community improving monitoring for everyone

1.5M+ Downloads/Day

Trusted by teams worldwide

GPLv3+ Licensed

Free forever, fully open source agent

Why Join?
Remote-First

Work from anywhere, async-friendly culture

Impact at Scale

Your work helps millions of systems

Recent Events
Tech Show London 2026

March 4–5, London, UK

India DevOps Show 2026

February 13, Bengaluru, India

Gartner IT IOCs 2025

November 17–19, Las Vegas

Get in Touch
Talk to Sales

Pricing, volume discounts, and enterprise needs

Technical Support

Docs, community, and expert help

Trust Center
SOC 2 Type 2 Certified

Continuous compliance monitoring by Drata. View our live security posture and audit reports.

> View trust center
Linux Audit Subsystem icon

Linux Audit Subsystem

Linux Audit Subsystem

Plugin: debugfs.plugin Module: audit

Overview

Monitors Linux kernel audit subsystem status via NETLINK_AUDIT. Tracks audit backlog depth, backlog utilization, lost events, and configuration (failure mode, enabled state). Critical for detecting audit backlog overflow conditions that cause kernel panics when failure mode is set to 2 (panic).

Query kernel audit status via NETLINK_AUDIT socket (AUDIT_GET)

This collector is only supported on the following platforms:

  • Linux

This collector only supports collecting metrics from a single instance of this integration.

This integration requires root privileges or CAP_AUDIT_CONTROL capability to query the kernel audit subsystem via netlink. The Netdata installer grants this capability to debugfs.plugin automatically. The module detects missing privileges and disables itself gracefully.

Default Behavior

Auto-Detection

Automatically detects and monitors the Linux audit subsystem when the kernel supports NETLINK_AUDIT. Gracefully disables itself if audit is not available.

Limits

The default configuration for this integration does not impose any limits on data collection.

Performance Impact

Minimal. Performs a single netlink query per collection cycle. No file I/O, no process forking.

Setup

Prerequisites

Linux kernel with audit support

The Linux kernel must have audit support enabled (CONFIG_AUDIT=y). Most distribution kernels include this by default.

Configuration

Options

OptionDescriptionDefaultRequired
update everyData collection frequency.1no

via File

The configuration file name for this integration is netdata.conf. Configuration for this specific integration is located in the [plugin:debugfs] section within that file.

The file format is a modified INI syntax. The general structure is:

[section1]
    option1 = some value
    option2 = some other value

[section2]
    option3 = some third value

You can edit the configuration file using the edit-config script from the Netdata config directory.

cd /etc/netdata 2>/dev/null || cd /opt/netdata/etc/netdata
sudo ./edit-config netdata.conf
Examples

There are no configuration examples.

Metrics

Metrics grouped by scope.

The scope defines the instance that the metric belongs to. An instance is uniquely identified by a set of labels.

Monitor the Linux kernel audit subsystem status and backlog health.

Per Linux Audit Subsystem instance

Audit subsystem status for the entire system.

This scope has no labels.

Metrics:

MetricDimensionsUnit
audit.backlogused, freeevents
audit.backlog_utilizationutilization%
audit.lostlostevents/s
audit.enableddisabled, enabled, immutablestate
audit.failuresilent, printk, panicstate

Alerts

The following alerts are available:

Alert nameOn metricDescription
audit_backlog_utilizationaudit.backlog_utilizationLinux audit backlog utilization has exceeded the warning threshold while failure mode is set to panic. Kernel panic is imminent if backlog overflows.
audit_lost_eventsaudit.lostLinux audit subsystem is losing events (backlog overflow, rate limiting, or memory pressure).

The observability platform companies need to succeed

Sign up for free

Want a personalised demo of Netdata for your use case?

Contact Sales