Sold by: Sentrilite
Deployed on AWS
AWS Free Tier
Sentrilite is a lightweight, programmable system audit platform powered by eBPF and AI. It captures real time kernel level activity across Linux systems and turns it into clear, actionable reports. Teams can define custom rules to track files, processes, users, and network behavior for compliance, investigation, or security.
Overview
Sentrilite is a programmable system audit and observability platform for Linux servers, designed to provide deep, real-time visibility into kernel-level activity. Powered by eBPF, it captures detailed system events such as process execution, file access, socket connections, and user actions with minimal overhead and no invasive agents.
Users can define custom detection rules to track specific behavior across files, users, commands, IPs, or network ports. Whether you are monitoring for security anomalies, building compliance workflows, or generating investigative logs, Sentrilite delivers structured real-time alerts and detailed, LLM-ready reporting. The built-in dashboard lets teams correlate and audit events across multiple servers with precision and speed.
Sentrilite is ideal for teams seeking modern Linux observability, audit automation, and lightweight threat triage capabilities. It is self-hosted, open, and easily programmable. It supports both interactive monitoring and automated PDF report generation, making it suitable for security teams, DevOps engineers, and compliance auditors alike.
Highlights
- Real time system audit and Linux observability. Monitor file access, user activity, process execution, and network events directly from the Linux kernel using eBPF. Custom rules and programmable alerts. Define flexible detection rules for files, ports, commands, and users to generate real time alerts and actionable insights. LLM ready reports for compliance and forensics. Export structured, timestamped system data to support investigations, audits, and security workflows.
Details
Sold by
Categories
Delivery method
Delivery option
64-bit (x86) Amazon Machine Image (AMI)
Latest version
Operating system
Ubuntu 24.02
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Refunds are available within 15 days of purchase if the product fails to function as described and we cannot resolve the issue. Contact info@sentrilite.com with your AWS account ID, license key, and a brief description of the problem.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Release Notes for Sentrilite v1.0.0
Release Date: June 24, 2025 Version: v1.0.0
Key Features:
Kernel level observability using eBPF for lightweight system audit Real time tracing of process activity, network connections, and file access Web based dashboard for live monitoring and review Built in rules engine to flag unusual behavior such as access to sensitive files Event tagging, risk level scoring, and visual alert timeline Tracks system events including execve, socket, connect, and accept Correlates activity by process ID, user ID, and remote IP Identifies potentially unauthorized access or suspicious command chainsAdditional details
Usage instructions
https://github.com/sentrilite/sentrilite Follow installation steps.
Resources
Vendor resources
Support
Vendor support
Email: info@sentrilite.com Phone: (+1) 917-478-5419
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Customer reviews
No customer reviews yet
Be the first to review this product . We've partnered with PeerSpot to gather customer feedback. You can share your experience by writing or recording a review, or scheduling a call with a PeerSpot analyst.