IronGargoyle
Host Signal local-first storage visible warder ready stormwatch observing events auditable

Local evidence. Guarded action. Operator trust.

IronGargoyle runs on the Linux host to bring storage visibility, authentication-abuse awareness, TCP pressure review, service context, terminal validation, and auditable actions into one local-first workflow.

Explore the console Install Version 1.0
IronGargoyle agent + console
systemd
auth
storage
tcp
firewall
events
Watch Defend Lockdown

Observe, interpret, gate, act, verify, audit.

Observe

Overview, HDoracle, StormWatch, Events

Interpret

Health labels, pressure patterns, backend readiness

Gate

Protection modes, allowlists, confirmations

Act

Warder blocks, service actions, staged settings

Verify

Backend checks, service state, storage state

Audit

Events, summaries, operator-readable history

Signals stay close to the host.

IronGargoyle collects host context where the evidence lives: services, storage, firewall state, TCP pressure, terminal validation, and operator actions.

servicesOverview
SMART / RAIDHDoracle
auth logsWarder
TCP stateStormWatch
actionsEvents

Validated from the local system.

The check command confirms configuration, plugin registry, monitor execution, systemd state, dry-run planning, and audit health.

Local validation from a fresh AlmaLinux 9 host.
$ irongargoyle check
IronGargoyle Check: OK

config                  ok
os_detection            rhel
doctor_hints            ok
registry_integrity      ok
monitor_smoke           ok
remediation_planning    ok
systemd_service         active / enabled
audit_log               healthcheck written

version=1.0.0  python=3.11.13

Designed for the host it protects.

IronGargoyle works close to the operating system: services, logs, storage tools, firewall backends, TCP state, and local administrative controls.

Review install options