Skip to main content

Runtime Monitoring

Gluon provides real-time monitoring of your application’s behavior.

Secret Detection

Monitors stdout/stderr for exposed secrets: 
gln run -- npm start

Detection Patterns

PatternExample
AWS KeysAKIA...
GitHub Tokensghp_..., gho_...
Stripe Keyssk_live_..., sk_test_...
Generic API Keysapi_key=...
Passwordspassword=...
Private Keys-----BEGIN RSA PRIVATE KEY-----

Protection Modes

Logs warnings when secrets are detected:
gln run -- npm start
Secrets pass through with a warning in the log.

Custom Redaction Text

gln run --mode redact --redact-text "***HIDDEN***" -- npm start

Network Monitoring

Track outbound HTTP/HTTPS requests: 
gln run -- npm start
Monitors:
  • Request URLs
  • Request methods
  • Response status codes
  • Request timing

Disable Network Monitoring

gln run --no-network -- npm start

Environment Variable Tracking

Gluon tracks which environment variables are accessed:
  • Variables read from process.env
  • Variables containing sensitive patterns
  • Variables exposed to child processes

Exit Report

When your app exits, Gluon displays a summary: 
┌─────────────────────────────────────────────┐
│           Gluon Security Report             │
├─────────────────────────────────────────────┤
│ Secrets Detected: 2                         │
│ Network Requests: 15                        │
│ Env Vars Accessed: 8                        │
└─────────────────────────────────────────────┘

Configuration

Configure monitoring in .dotset/gluon/config.yaml: 
secrets:
  mode: detect        # detect | redact | block
  redactText: "[REDACTED]"
  alertOnExposure: true
  patterns:
    - name: "custom-api-key"
      pattern: "myapp_[a-z0-9]{32}"

network:
  enabled: true
  logRequests: true
  allowlist:
    - "*.myapp.com"