Sentral is a unified command experience built for operations teams who need clarity, speed, and control — bringing availability, health, log intelligence, and backup readiness into one cohesive view.
The Sentral suite unifies the entire operational lifecycle — monitor, alert, investigate, verify, recover, and report — across a single, intelligent interface.
Real-time visibility into network availability and performance quality. Know instantly when critical devices go down and detect performance drift before it becomes an outage.
Operational command center for network reliability. Deep device-level analytics including hardware, interfaces, protocols, and trend intelligence with tunable alert scoring.
Transforms raw device log noise into prioritized, actionable alerts. Real-time and scheduled detection rules with searchable history and archive retrieval for compliance.
Complete, automated, and auditable protection for network configurations. Scheduled backups, snapshot comparison, one-click restore, and governance-ready audit trails.
Sentral shifts NOC teams from reactive firefighting to proactive management through a continuous, interconnected operational loop.
Dual-Engine Architecture: Sentral's Live UI Fetch Mode performs zero-database-load live reads for active panels, while Background Snapshot Mode handles threshold evaluation, alerting, and trend retention. These two engines work in concert to deliver real-time responsiveness without compromising system performance at enterprise scale.
Traditional monitoring platforms force operations teams into reactive workflows with fragmented tools and surface-level visibility.
Sentral layers optional intelligence on top of deterministic monitoring — from a fully airgapped Copilot to full agentic triage — so every team dials in exactly as much autonomy as their security posture allows.
Deploy Sentral completely airgapped. Copilot runs on trained skill sets defined through prompts — no external AI, and no data ever leaves your network. Operators trigger tasks and get answers in plain language, executed by deterministic, purpose-built skills and tools.
Activate AI API integration to add reasoning on top of Copilot. Sentral runs full triage on issues — correlating alerts, logs, health, and configuration across every module to pinpoint root cause and recommend the next action.
Ask Copilot from anywhere — Pulse, Health, SmartLog, or Backup. Query the network, devices, alerts, and logs in context, then elevate to deeper analysis on demand. Bring your own AI provider and model — nothing is locked in.
Pulse is the network availability and connection-quality watchtower for your critical devices. It moves operations teams from reactive firefighting to proactive monitoring with live detection of outages, latency spikes, and quality degradation.
Pulse combines uptime monitoring and quality degradation detection in one workflow. It uses baseline behavior comparison for quality alerts — not just basic up/down checks.
| DEVICE | IP | LATENCY | STATUS |
| PE1-CORE | 10.0.1.1 | 0.3ms | ONLINE |
| BRANCH-02 | 10.0.2.5 | — | OFFLINE |
| WAN-FW1 | 10.0.0.1 | 12.4ms | DEGRADED |
Online vs offline device counts refresh in real time. Incidents surface immediately without manual checking or screen watching.
Detects meaningful performance degradation — latency drift and packet loss changes — even before full outages occur. Based on normal behavior baselines.
Enable or disable notifications per device individually. Suppress alerts during planned maintenance without affecting global notification settings.
Automatic notifications when a device changes state. Recipients configured centrally. No need to watch the screen to stay informed of outages.
Each device entry tracks when it was last seen offline. Enables accurate incident timeline construction and triage prioritization by recency.
Configure polling cadence, timeout behavior, and failure tolerance per device to match operational reality. Avoid false positives on flappy links.
| Capability | Technical Detail |
|---|---|
| Monitoring Protocol | ICMP echo (ping) with configurable timeout and retry thresholds. Failure tolerance tunable per device to reduce false positives on high-latency links. |
| Poll Interval | Configurable polling cadence per device. Dashboard UI reflects live updates every 5 seconds via frontend refresh cycle. |
| Quality Detection | Baseline behavior comparison for latency and packet loss. Quality deviation alerts triggered when drift exceeds configurable thresholds — independent of hard up/down state. |
| Alert Engine | State-transition alerts (online → offline, offline → online) and quality deviation alerts delivered via email. Per-device email enable/disable toggle with centralized recipient management. |
| Device Inventory | Add, edit, remove devices via UI or bulk import. Each device record stores name, description, IP address, and per-device alert settings. |
| Status Data | Per device: current status, latency (ms), packet loss (%), last offline timestamp. Aggregated live totals: online count, offline count, worst latency, worst loss. |
| License Visibility | License state, grace-period status, and device capacity displayed in settings. Alerts surfaced before unexpected monitoring interruptions occur. |
| Data Retention | Last offline timestamps persisted per device. Operational history available for triage and incident correlation workflows. |
Uses Pulse dashboard to see branch locations go offline, triggers escalation immediately, and tracks restoration in real time without leaving the single interface.
Sees repeated latency deviation alerts on a core link, validates the trend against historical data, and prioritizes carrier review before users begin reporting slowness.
Enables notifications only for high-priority devices while suppressing non-critical ones during planned maintenance windows to reduce alert noise.
Uses last offline timestamps and packet-loss signals to correlate recurring instability events with a specific WAN segment for root cause analysis.
Reviews high-level online/offline and quality posture at a glance to understand operational risk and justify resilience infrastructure investments.
Manages device inventory, configures alert thresholds, and validates notification delivery with test sends before new monitoring campaigns go live.
Sentral Health is the operational command center for network reliability. It gives operations teams a single place to detect, prioritize, and act on network and infrastructure issues before they become outages — from live monitoring through to executive-ready reporting.
Health separates protocol events, infrastructure events, and trend events into distinct channels — then rolls them up into a single, tunable warning/critical severity score.
Hardware faults, fan removals, temperature spikes, PSU alarms, and chassis-level conditions that require immediate physical inspection.
Routing adjacency changes, BGP state transitions, IS-IS L2 adjacency losses, OSPF neighbor flaps, and other control-plane instability signals.
Utilization spikes, error rate deviations, interface drop increases, and traffic pattern anomalies detected through continuous baseline comparison.
Routing Engine CPU and memory, FPC slot state, DRAM/Heap/Buffer utilization, PSU and PEM health, fan speeds, temperature readings, and Virtual Chassis mastership.
Bandwidth utilization, error and drop counters, flap detection, optical Rx/Tx dBm power levels, LACP state, LLDP neighbors, and AE bundle balance verification.
Pin critical interfaces, compare traffic patterns side-by-side, track trend deviations over time, and archive graph snapshots for historical comparison and capacity planning.
Acknowledge, silence, and reactivate active alerts. Full searchable alert history with CSV export. Severity state lifecycle from detection through resolution.
Generate operational health PDFs on demand, deliver via email instantly, or schedule recurring reports — daily, weekly, or monthly — for stakeholder distribution.
Tune warning and critical thresholds per device and metric. Control which conditions affect overall health scoring to match your operational risk tolerance.
| Capability | Technical Detail |
|---|---|
| Data Collection | Dual-engine: Live UI Fetch for on-demand panel views (zero DB load), Background Snapshot polling for alert evaluation, trend retention, and scheduled reporting. |
| Protocol Integration | NETCONF-based deep state gathering for BGP neighbors (peer address, AS, state, last transition), IS-IS adjacencies (level, state, transition count), OSPF neighbors, and LACP bundle state. |
| Hardware Polling | Routing Engine CPU (1-min/5-min/15-min load averages), Memory utilization %, Temperature (°C), FPC slot status, DRAM/Heap/Buffer %, PEM and fan hardware alarms. Virtual Chassis VCP neighbor links and mastership role. |
| Interface Telemetry | Inbound/outbound throughput (Mbps/Gbps/% utilization), error and drop counters, flap events, optical Rx/Tx dBm, bias mA for degrading transceiver detection. LLDP neighbor discovery, LACP receive/transmit state, AE member in/out balance (Mbps). |
| Health Scoring | Devices scored as Healthy / Warning / Critical based on configurable threshold evaluation. Three event domains (Protocol, Infrastructure, Trend) independently tracked and aggregated into a tunable composite health indicator. |
| Alert Workflow | Alerts include timestamp, device, component, severity, message context. State machine: Active → Acknowledged → Silenced → Reactivated. Alert history searchable and exportable as CSV. |
| Graph Engine | Line charts for per-interface traffic over configurable time windows. Compare mode: side-by-side, relative (individual or paired maxima), and combined overlay. Snapshot archive for historical comparison. |
| Report Format | PDF health reports covering device posture summary, alert history, interface highlights, and hardware condition. Deliver on-demand or via daily/weekly/monthly scheduled email. |
| Device Safeguards | Built-in protection prevents polling overloads on stressed hardware. Reconciliation and audit controls validate alert coverage integrity. |
Key Insight: Health goes beyond generic SNMP scraping. Component-level diagnostics — including FPC slot DRAM, optical transceiver dBm, and AE bundle balance — detect degradation and capacity threshold approaches long before service impact occurs. Built-in device safeguards prevent polling overloads on stressed hardware during incident conditions.
Uses the live dashboard and alert queue to detect critical device issues, acknowledges ownership in the alert workflow, and drills into hardware or interface panels to isolate impact quickly.
Uses interface analytics and protocol views to identify recurring degradation on key links, then schedules preventive remediation before the issue escalates to service impact.
Exports alert history and PDF health reports to provide customers with transparent incident timelines, recovery proof, and evidence for SLA discussions.
Reviews scheduled health reports to track reliability posture, risk concentration, and operational improvement over time without needing direct dashboard access.
Uses pinned interface graphs, compare mode, and long-term trend views to identify utilization growth hotspots and build the data case for infrastructure upgrades.
Tunes warning and critical thresholds to operational risk tolerance, validates that health scoring reflects actual business impact, and uses reconciliation tools to audit alert coverage.
SmartLog centralizes device logs from across the network and applies real-time and scheduled detection rules to convert high-volume log streams into prioritized, targeted alerts — with full search and archive retrieval for investigations and compliance.
SmartLog processes millions of raw device events through a structured filtering pipeline before surfacing only the events that require attention.
Open alerts, acknowledged alerts, total alerts, log volume, disk capacity, and log throughput — all visible at a glance to assess current operational risk.
Build shared match libraries once and attach them to multiple detection rules. Standardizes detection logic across teams and makes rule management consistent.
Create rules for immediate stream matching or periodic retrospective checks. Both modes supported with per-rule email configuration and device scoping.
Search recent logs by keyword and device with adjustable result limits. Immediate root-cause analysis during active incidents without waiting for archive retrieval.
Search historical archived logs by date range and device. Download evidence files for post-incident reviews, compliance audits, and forensic investigations.
Configure retention period, archive location, and low-space cleanup threshold. Prevent storage incidents with automated housekeeping and capacity monitoring.
| Capability | Technical Detail |
|---|---|
| Log Ingestion | Syslog receiver centralizing events from multiple devices and vendors. Throughput monitored in logs/second with dashboard visibility. Storage utilization tracked with low-space threshold alerting. |
| Detection Rules | Two execution modes: Real-time (stream matching as logs arrive) and Scheduled (periodic retrospective evaluation). Each rule references one or more keyword lists, a severity ceiling (0–7), optional device scope, and email enable/disable toggle. |
| Keyword Lists | Named lists of match strings (exact text or regex patterns). Reusable across multiple rules. Preview capability shows sample matching log entries before activation. List count visible per entry. |
| Alert Lifecycle | States: Open → Acknowledged → Cleared. Acknowledge individual alerts or acknowledge-all. Full 30-day alert history with searchable filtering by rule name, device, and time range. |
| Log Search | Real-time search of recent log buffer by keyword or IP address. Adjustable result limit. Results returned in structured table: timestamp, device source, severity level, message. Device directory maps IPs to friendly hostnames. |
| Archive System | Logs archived to configured storage location. Archive search by date range and device. Matching log files available for download as evidence artifacts. Supports compliance documentation and forensic investigation workflows. |
| Storage Management | Configurable retention period (days). Configurable archive target location. Low-space cleanup threshold triggers automated housekeeping. Disk utilization and remaining space visible on main dashboard. |
| Email Notifications | Per-rule email enable/disable. Centralized recipient configuration. Test-email action for delivery validation. Rapid escalation for high-priority rule matches. |
| Device Directory | IP-to-hostname mapping for all monitored devices. Improves alert readability and reduces confusion during triage. Metadata maintained for operations clarity. |
Watches dashboard for spikes in open alerts. Acknowledges known events, investigates unknown ones in real-time search, and escalates serious matches through email notification rules.
Creates reusable keyword lists for recurring failure patterns and applies scheduled rules to catch intermittent issues. Reviews alert history to identify chronic problem devices.
Sets high-priority detection rules for suspicious log signatures including login failures, config commits, and privilege escalation. Uses archive search to investigate incidents over a wider date range.
Maintains device naming and host metadata so alerts are clear and actionable. Tunes retention and low-space thresholds to prevent storage incidents from disrupting log collection.
Uses archive search to pull historical log evidence for audit date ranges. Downloads log files for compliance documentation, incident reports, and regulatory review packages.
Reviews dashboard trend indicators and alert volumes for risk visibility. Confirms operational discipline via acknowledgment workflows and uses historical records to support staffing and priority decisions.
Sentral Backup gives operations teams a complete, automated, and auditable way to protect network configurations and recover fast when things go wrong. From scheduled capture through snapshot comparison to one-click restore — with full governance trails.
Sentral Backup protects network operations from configuration loss, failed changes, and recovery delays with a unified workflow spanning capture, validation, comparison, restoration, and compliance.
Randomize Function: When scheduling fleet-wide backups, Sentral automatically groups devices and staggers execution — preventing the simultaneous device connection storm that crushes network bandwidth and CPU when all backups fire at 22:30.
Daily, weekly, or monthly schedules applied per device or fleet-wide. Enable/disable, edit, reload, or delete schedules quickly. Spread execution prevents backup storms.
Backup activity view updates continuously with outcomes. Open detailed run logs for troubleshooting failed backups. Clear visibility into current and recent backup health.
Per-device backup history with newest snapshot highlighted. Actions: download, preview, compare, restore, delete. Older backups expandable on demand.
Side-by-side diff of selected backup versions. Quickly spot exactly what changed between snapshots to validate expected vs. unexpected configuration drift.
Backup files validated automatically after capture. Integrity failures surfaced prominently. Failed integrity checks trigger immediate attention — no silent corruption.
Configure remote offsite targets and automated transfer windows. Upload log provides visibility and troubleshooting capability. Platform backup supports orchestrator-level DR.
| Capability | Technical Detail |
|---|---|
| Device Support | Multi-vendor device families supported in a single inventory. Add via UI or bulk CSV import/export. Per-device and fleet-wide run-now capability. SSH key lifecycle management for device authentication. |
| Scheduling Engine | Daily, weekly, and monthly recurrence options. Apply schedule to single device or all devices simultaneously. Randomize/Spread function groups devices and staggers execution start times to distribute load across backup windows. |
| Integrity Validation | Each captured backup file validated post-collection. Integrity check failures surface prominently in dashboard KPI cards and device backup summary. Prevents silent backup corruption from creating false confidence. |
| Snapshot Library | Per-device versioned backup history. Actions per snapshot: download (raw config file), preview (in-browser), compare (diff against another version), restore (push to device), delete. Failure acknowledgment workflow clears reviewed items without deleting history. |
| Comparison Engine | Side-by-side diff visualization of two selected config snapshots. Highlights added, removed, and changed lines. Supports pre/post change validation and unexpected drift detection. |
| Restore Workflow | Select a known-good backup from the library and push directly to the supported device. Restore action captured in audit log with operator, timestamp, device, and version reference. |
| Audit Log | Immutable action trail covering: download, delete, restore, acknowledgment, schedule create/edit/delete, settings changes. Downloadable audit report for compliance review and governance accountability. |
| Offsite Transfer | Configure remote offsite storage target and automated transfer window. Maintains upload log per transfer cycle for visibility. Extends resilience beyond local snapshot storage. |
| Notifications | Per-backup event notifications. Per-schedule-cycle summary email. Daily aggregate summary. Test-email action for delivery validation. Centralized recipient management. |
| Platform Backup | Full orchestrator/platform backup package creation. Supports complete disaster recovery of the Sentral Backup system itself. Independent of device-level backup operations. |
Monitors dashboard each morning, triages failed backups, reruns affected devices, and uses activity logs to pinpoint failure reasons — often before operators are aware of an issue.
Applies standardized schedules across all devices fleet-wide. Uses the Randomize function to keep backup windows stable without requiring manual per-device timing management.
Uses pre-change and post-change snapshot comparison to validate that only expected configuration changes were applied — and rolls back immediately if unexpected drift is detected.
Exports audit logs monthly for compliance evidence. Verifies who downloaded, deleted, or restored configurations and at what time — for regulatory and governance requirements.
Enables offsite sync and daily summary emails. Tracks overall backup coverage and reliability across the team for reporting to leadership and SLA accountability.
Reviews summary metrics and failure trend visibility to assess operational resilience. Uses the data to support policy decisions around backup SLAs and recovery time objectives.
Sentral Health Graphs gives network teams a single operational graphing layer to monitor, compare, forecast, and act faster across real-time and historical network behavior — answering three questions instantly: what is happening now, is it normal, and where should we act first.
Every graph view in Sentral is designed to drive a decision, not just display data.
Operators pin business-critical interfaces to a dedicated workspace for continuous monitoring. Eliminates repeated navigation — your most important links are always one click away.
Side-by-side or baseline analysis across interfaces and time periods. Four analysis styles: Absolute, Relative (Own Max), Relative (Pair Max), and Overlay. Save comparisons to archive for evidence and audit.
Anomaly and deviation surveillance with continuous baseline comparison. Warning and critical thresholds surface drops and spikes before they escalate. Day-baseline comparison for business-cycle variance detection.
Configurable retention with long-range historical graphing for capacity planning and performance reviews. Archive view stores saved snapshots and comparisons — downloadable for incident reports and governance.
Teams often lose critical time determining whether a traffic shift is normal, change-related, or incident-driven. The Compare function provides immediate visual and metric-based confirmation — turning analysis from a manual investigation into a fast, repeatable workflow.
| Capability | Technical Detail |
|---|---|
| Graph Types | Line charts for inbound/outbound traffic rates. Metrics: throughput (Mbps/Gbps) and utilization (%). Both perspectives available per interface for correct load interpretation. |
| Time Windows | Short to long-horizon views — hourly through monthly. Configurable granularity for long-term retention. Both burst issue detection and slow drift visibility in one workflow. |
| Pinned Workspace | Operators pin business-critical interfaces to a persistent workspace. Pinned interfaces always accessible without re-navigation. Selected interfaces auto-included in daily graph report emails. |
| Compare — Pair Mode | Two pinned interfaces compared over identical time windows. View as Absolute (raw load), Relative/Own Max (per-interface normalized), Relative/Pair Max (common scale), or Overlay (single combined chart). |
| Compare — Day Mode | Single interface compared against a user-selected prior reference day, time-aligned to the same window. Detects variance tied to business cycles, maintenance windows, or recurring traffic events. |
| Trend Deviation | Continuous baseline tracking per interface. Threshold states: Normal / Warning / Critical. Deviation triggered by both spikes and drops. Day-baseline comparison for business-cycle anomaly detection. |
| Insight Feeds | Graph workspace supported by linked analytics: uptime trend, top utilization ranking, error counter trends, interface flap events, and queue-drop visibility for faster root-cause direction. |
| Archive & Retention | Graph snapshots and compare results saved to archive. Configurable long-term retention for historical analysis. Snapshots downloadable as evidence artifacts for incident reviews and governance reporting. |
| Daily Report Delivery | Selected interfaces auto-included in scheduled daily graph email summaries. Supports stakeholder visibility without requiring dashboard access. Delivery alongside Health module PDF reports. |
Pin critical interfaces for persistent monitoring. No repeated navigation — your most important links visible at all times in a dedicated graph workspace.
Switch between throughput (Mbps/Gbps) and utilization (%) perspectives. Each mode gives a different interpretation lens for load across diverse interface types.
Interface-vs-interface and day-vs-day comparison across four analysis styles. Validates changes, confirms incidents, and supports capacity assumptions with visual evidence.
Continuously tracks actual vs. expected behavior. Warning/critical deviation states surface drops and spikes early. Day-baseline mode detects business-cycle-driven anomalies.
Saved snapshots and comparison results stored and downloadable. Provides evidence artifacts for post-incident reviews, stakeholder reports, and audit documentation.
Pinned interfaces auto-included in scheduled daily graph email summaries. Stakeholder visibility without dashboard access — delivered alongside Health PDF reports.
Business Value: Sentral Health Graphs delivers faster incident triage through consolidated graph intelligence, earlier risk detection via trend-based deviation signals, improved capacity planning using retained long-term traffic behavior, and reduced manual reporting burden with automated daily graph delivery and shareable visual evidence for cross-team communication.
Pins critical WAN and core interfaces. Uses trend deviation alerts as early warning before users report degradation. Opens compare mode during incidents to confirm whether behavior is change-related or anomalous.
Uses day-compare mode to validate post-change traffic normalization. Runs pair compare on redundant links to confirm load balancing is working correctly after routing changes.
Uses long-term retention and historical views to identify utilization growth trends across key interfaces. Builds the data case for capacity upgrades with archived evidence from sustained peak periods.
Receives daily graph email summaries for business-critical links without requiring direct dashboard access. Uses archived compare snapshots as evidence in service review and SLA documentation.
Runs before/after compare immediately following a change window. Confirms traffic returned to expected baseline or escalates if divergence is detected. Saves comparison as change evidence artifact.
Reviews daily graph summaries to track network utilization trends over time. Uses capacity planning data from long-term views to justify infrastructure investment decisions to leadership.
Whether you need support, want to request a demo, or have a question about Sentral — our team is ready. Use the chatbot below for instant answers, or reach us directly via the contact details provided.