Deflect One - Agentless Linux Server Monitoring & AI-Powered DevOps Control
🛰
Deflect One is a self-contained agentless Linux server monitoring tool that gives you real-time control over your entire server fleet in one place. No agents to install on monitored servers - no daemons, no open ports, no dependencies to manage. Just your SSH keys and SSH access. Deflect One turns that into a complete DevOps operations platform - a lightweight alternative to bloated stacks like Prometheus + Grafana + Alertmanager.
From real-time Linux server health monitoring to active attack detection and automated firewall response, from multi-server deployment orchestration to natural-language SSH command execution - Deflect One is what you get when you combine DevOps observability, cybersecurity response, and AI-powered decision support into one coherent platform that runs entirely over SSH.
Agentless Monitoring Features: SSH Fleet Control, Attack Defense & AI Automation
📈 Real-Time Infrastructure Monitoring - CPU, RAM, disk, network I/O, Docker containers, MySQL/PostgreSQL/Redis slow queries, and more - across unlimited servers simultaneously. Async-native coroutine pool ensures near-zero overhead.
🛡 Active Attack Detection & Defense - live attack radar visualizes malicious IPs, geo-location, and timeline. Automatically manages UFW/iptables rules. Defense mode executes mitigations - bans, restarts, rate limits - autonomously within operator-set policy limits.
🤖 Optional AI Integration (experimental, off by default) - if you choose to enable it, the unified AI engine supports Claude, GPT-4, Gemini, Mistral, Groq, and LM Studio (local). You stay in full control: AI only runs where you explicitly configure it, on the servers you choose, within operator-defined policy limits. Per-host LLM instructions enable background governance loops - for example: "restart MySQL if slow-query rate exceeds 10/min". AI is not required to use Deflect One - all core monitoring features work without it.
💬 Natural-Language Command Terminal - press Ctrl+A and describe what you want in plain English. Deflect One translates it to real CLI/SSH/Bash and runs it for you. No guessing command syntax under pressure.
📊 25+ Operational Screens - each dimension of infrastructure has its own screen: log aggregation with regex search, SFTP file manager, backup/restic status, cron & systemd timer management, email monitor, process audit with OOM detection, deployment flow (git pull, restart, rollback), cross-host root-cause analysis, and more.
🔐 Hardware-Bound Encrypted Credential Vault - SSH credentials are encrypted at rest using Fernet + PBKDF2, bound to local machine hardware. A stolen config file is worthless on any other machine.
Under the Hood: Pure SSH, No Agents, Async Python & Textual TUI
Deflect One is a 10,000+ LOC Python monolith built on Textual TUI and asyncio. It controls your entire server fleet exclusively via paramiko SSH - no daemons, no agents, no ports to open beyond what SSH already requires. The async coroutine pool orchestrates real-time data collection, command execution, and event processing across all hosts simultaneously.
The optional dual-tier AI model strategy (SMART for reasoning, FAST for classification) balances cost and latency. AI integration is experimental and entirely opt-in - per-host LLM instruction sets, meaning different servers can run different governance policies, or none at all. You decide what AI can and cannot do.
Configuration is JSON-based, portable, and export/import-capable. The security wizard onboarding walks you through initial setup - from vault creation to host registration - in minutes.
Built for DevOps Engineers, SREs & Linux Sysadmins
Deflect One is designed specifically for infrastructure engineers and DevOps professionals who demand real-time visibility and autonomous defense without giving up control. If you manage Linux servers and need more than htop and grep across 15 terminals, this is what you've been waiting for.
Equally useful for solo developers and homelab enthusiasts running a VPS, home server, or self-hosted infrastructure who want real-time server health monitoring, log analysis, and AI-assisted management - without setting up Prometheus, Grafana, ELK, or any other heavy stack just to see what's happening on their machines. Homelab monitoring that actually fits in your terminal.
| ⚡ Current Status & Beta Access | |
|
Status: Active development - beta coming soon
Runs on:
Manages: Stack: Python 3.10+, Textual TUI, asyncio, paramiko, Fernet/PBKDF2. Optional AI modules: Claude API, OpenAI/Gemini/Mistral |
AI backends: Claude, GPT-4, Gemini, Mistral, Groq, LM Studio (local) License: MIT License with Attribution Requirement. Freeware - free for personal and commercial use Agent required on servers: None |
♥ Support Deflect One Development🔗 View on GitHub⬇ Download deflect.py
Deflect One is free and will remain free. Your sponsorship goes directly into continued development, new features, and the beta release.
Frequently Asked Questions
Does Deflect One require installing agents on monitored servers?
No. Deflect One is fully agentless. It connects to your servers exclusively via SSH - no daemons, no background processes, no additional ports to open. If SSH works, Deflect One works. This is the core design principle: zero footprint on monitored infrastructure.
What Linux distributions does Deflect One support for server monitoring?
Primary targets (fully tested): Debian 10+ and Ubuntu 20.04+. Works via SSH on Fedora, CentOS, Arch, and Alpine - most features functional, full test coverage coming in a future release.
Is AI required to use Deflect One?
No - AI is entirely optional. Deflect One is a fully functional agentless Linux server monitoring tool without any AI enabled. The AI integration (Claude, GPT-4, Gemini, Mistral, Groq, LM Studio) is an experimental, opt-in feature for those who want natural-language command execution or autonomous background governance. You control whether AI is used, which model, and on which servers.
Is Deflect One a free and open-source server monitoring tool?
Yes. Deflect One is released under the MIT License with Attribution Requirement. It is free for personal and commercial use, including homelab and VPS monitoring. Source code is available on GitHub. Sponsorship is welcome to fund continued development.
How is Deflect One different from Prometheus, Grafana, or Netdata?
Deflect One is a single Python script that requires zero installation on monitored servers - unlike Prometheus (requires exporters on every node), Netdata (requires agent), or Grafana (requires a full stack). It is designed for terminal-native DevOps workflows, combines monitoring with active attack detection and firewall automation, and adds optional AI-powered decision support - all in one self-contained tool.
Can I use Deflect One for homelab server monitoring?
Yes. Deflect One is well-suited for homelab monitoring and self-hosted infrastructure. It runs on any machine with Python 3.10+ (Linux, macOS, Windows Terminal, WSL2) and connects to your home servers or VPS via SSH. No cloud services, no SaaS subscriptions - entirely self-hosted and offline-capable.