A powerful, easily deployable network traffic analysis tool suite

Quick Start



Supported Protocols




Hedgehog Linux

Contribution Guide

Asset Management with NetBox

Malcolm provides an instance of NetBox, an open-source “solution for modeling and documenting modern networks.” The NetBox web interface is available at at https://localhost/netbox/ if you are connecting locally.

The design of a potentially deeper integration between Malcolm and Netbox is a work in progress. The purpose of an asset management system is to document the intended state of a network: were Malcolm to actively and agressively populate NetBox with the live network state, a network configuration fault could result in an incorrect documented configuration. The Malcolm development team is investigating what data, if any, should automatically flow to NetBox based on traffic observed (enabled via the NETBOX_CRON environment variable in docker-compose.yml), and what NetBox inventory data could be used, if any, to enrich Malcolm’s network traffic metadata. Well-considered suggestions in this area are welcome.

Please see the NetBox page on GitHub, its documentation and its public demo for more information.