Open source, MIT licensed, on PyPI

Your infrastructure,
monitored
by AI.

Open-source monitoring that runs Claude as a read-only agent against your servers, AWS, GitHub, and databases. Structured reports with typed issues, evidence, and run-vs-run diffs.

View on GitHub → How it works

prod-server-01 · health_check

⚠ warning

Disk at 82% on /var, growing 4GB/week. Certbot renewal failing. 3 systemd services crash-looping.

cpu23% mem61% disk82% load0.7

Disk will be full in 28 days

Rotate /var/log/app/*.log. /var grew 4.1GB/week.

certbot SSL renewal failing

ACME challenges failing for master.devsquall.com

+2 new −1 resolved =3 persisted

Monitoring tells you what broke.
Not why. Not what to do.

You get a 3am Slack alert: "disk usage warning." Then you SSH in, tail logs, check docker, look at cron. Same 20-minute routine, every time. Supavision does that investigation for you.

Structured reports

Skim a report in 5 seconds.

Every health check produces a typed payload: status, summary, metrics, and a list of issues with severity, evidence, and recommendations. Structured and scannable.

Pydantic-validated at the boundary
Automatic severity assessment with structured + regex fallback
Full investigation narrative available on expand

Run-vs-run diffs

See what changed. Instantly.

Stable issue IDs make set-diffs across runs deterministic. New, resolved, and persisted counts show up in the dashboard and Slack alerts.

Issue title drift does not break the diff
No LLM cost — pure set math
Visible in reports, timelines, and alerts

Actionable Slack alerts

Alerts that say what to do.

When a critical issue appears, the Slack message cites the top issue, its recommendation, and the diff counts. Deep link back to the full report. Same issue across runs means one alert, not ten.

Same issue across runs triggers one alert, not ten
Block Kit formatting with severity colors
Works with both structured and plain-text reports

4 resource types

Servers (SSH), AWS accounts, GitHub orgs, and databases. Each type has its own prompt templates and tool allowlist. Add custom types via templates.

Claude Code MCP

Ships an MCP server so Claude Code can query your ops data directly. "How has prod-01 been trending this week?" Always read-only.

Cron scheduling

Set a cron expression per resource. Health checks run in the background with a concurrency limit. Runs unattended in the background.

Three steps. Five minutes.

Connect

Add a server, AWS account, GitHub org, or database via the dashboard wizard or CLI. Credentials stored as env var references, not raw secrets.

Schedule

Set a cron per resource. Claude investigates using read-only tools from a per-resource allowlist. No writes, no destructive actions.

Act

Read the dashboard, get Slack alerts with the top issue and its recommendation, or ask Claude Code via MCP.

install

$ pip install supavision

create an admin user

$ supavision create-admin

Star on GitHub → View on PyPI

Read-only by design.

The agent runs from a curated allowlist of ~70 read-only commands. No shell chaining, no SQL writes, no destructive operations. Everything is auditable.

RBAC built in. Admin and viewer roles. Per-endpoint enforcement on every mutation route.
CSRF tokens on every form. Double-submit cookie pattern, validated per request.
SSRF prevention. Webhook URLs validated against private network ranges before DNS resolution.
Credential isolation. Secrets stored as env var references, never as raw values in the database.
SQLite WAL mode. Concurrent-safe, zero external dependencies. No external database required.
Open source, MIT. Read the code. Audit the allowlist. Fork it.

Get started in five minutes.

Install from PyPI, create an admin user, and connect your first resource.

View on GitHub → View on PyPI

Your infrastructure, monitored by AI.

Monitoring tells you what broke.Not why. Not what to do.