Agent Activity is an advanced monitoring platform designed to gather and manage system information from registered desktop machines. Integrating a Python endpoint agent, a FastAPI backend, and an Angular-based dashboard, it provides a comprehensive solution for monitoring system activity, ensuring all data is centralized for easy access and review.

Each enrolled machine regularly communicates with the backend, sharing health data and checking for any tasks that need execution. The dashboard transforms this streaming data into a user-friendly operator console, displaying details such as online status, host specifications, system metrics, screenshots, activity logs, and command results, all from one intuitive interface.

Key Features

Real-Time Agent Monitoring

Agents connect with key machine identifiers, including hostname, operating system, IP address, MAC address, and hardware specifications. Continuous heartbeat metrics from these agents allow for real-time tracking of which machines are active, presenting operators with a live overview of their system fleet.

Keyboard Capture (Keylogs)

The platform supports keyboard activity logging on compatible desktop systems, organizing keystrokes into structured events. These events are stored locally in JSON Lines format and sent to the backend periodically for analysis.

Clipboard Interception

Agents can track clipboard changes, capturing text content that meets configured length requirements. Like keylogs, clipboard events are processed locally, enabling a review of copied text alongside the active application.

Screenshot Capture

Screenshots are taken at set intervals, compressed for storage, and uploaded to the backend. The platform efficiently manages old local screenshots to optimize space without losing important data.

System Metrics Collection

Heartbeats encompass essential metrics including CPU and memory usage, disk space, network performance, and uptime. This ongoing collection of system data allows operators to monitor the health and performance of machines over time.

Remote Command Execution

The backend can queue and execute commands on online agents, providing capabilities such as listing directory contents and inspecting running processes. This feature is kept concise and purposeful to ensure effective monitoring.

Security Consideration

Given the sensitive nature of information that may be collected—such as clipboard contents and keystrokes—users should utilize Agent Activity within authorized environments where monitoring is openly disclosed and accepted.

For detailed implementation guidelines, including packaging the agent for different operating systems and more extensive documentation, references are provided throughout the repository.