heron
Enrichment pendingAgent and LLM API performance monitoring via network packet probe. Measures performance of OpenClaw, Claude, Codex, DeepAgents and more, deployed on the provider side, no SDK changes required.
GraphCanon updated today · GitHub synced today
Verify the decision
Maintenance and security
Full trust report- Maintenance
- Active (22d since push)
- As of today
- Provenance
- Not a fork · Organization account
- As of today
- Security (OSV)
- No lockfile
- As of today
Public GitHub metadata and optional OSV scans. Signals, not a guarantee. Trust methodology.
Install
cargo add heron crates.ioSimilar tools
Same-category neighbours. No typed graph edges are catalogued for this tool yet.
Evidence and technical details
Sourced facts, taxonomy, compatibility claims, README excerpt, and machine-readable endpoints.
Overview
Agent and LLM API performance monitoring via network packet probe. Measures performance of OpenClaw, Claude, Codex, DeepAgents and more — deployed on the provider side, no SDK changes required.
Capability facts
- Languages
- rust
Source: github.language · Jul 15, 2026
Categories
Tags
README
30-Second Quick Start
No live capture needed. No privileges. Just a .pcap with LLM traffic.
---
# Install (Linux/macOS, user-local, no sudo)
curl -fsSL https://raw.githubusercontent.com/Netis/heron/main/install.sh \
| INSTALL_DIR="$HOME/.local" sh
---
## Install & Verify with an AI Agent
Running an AI coding agent (Claude Code, Codex, etc.)? Hand it the prompt below
and let it do the install + smoke test. It needs only shell access to the target
machine.
```text
Install and smoke-test Heron (https://github.com/Netis/heron) on this machine:
1. Read the README and docs/install.md to pick the right install path.
Use the one-line installer; user-local (no sudo) is fine.
2. Verify the binary: `heron --version` and `heron --help` both work.
3. Smoke-test WITHOUT live capture (no privileges needed): find or fetch a
small .pcap with LLM traffic (the repo's testdata/pcaps/ has fixtures),
then run `heron --pcap-file <file> --no-retention`.
4. Confirm the API is up: `curl -s http://localhost:3000/api/health` returns
healthy, and `curl -s 'http://localhost:3000/api/traces?limit=5'` returns
reconstructed traces.
5. (Optional, needs CAP_NET_RAW) for a live test: setcap the binary and run
`heron -i <iface>`, generate some LLM traffic through the host, then
re-check the console at http://localhost:3000.
Report the console URL and the trace count you saw. Don't hard-code or commit
any host/credential — this repo rejects infra leakage in CI.
The last line matters: a check-leakage.sh CI gate fails any PR that commits a
private IP, plaintext credential, or key — keep your own infra out of anything
you push back.
For agents
This page has a .md twin and JSON over the API.