All posts
releasenetworkalertsai

OmniMon v6.2.0: Advanced Network Analysis, Alerts and AI Actions

OmniMon 6.2.0 expands the product into full network visibility with live dashboards, configurable network alerts, cross-platform capture, and contextual AI actions across desktop and CLI.

March 9, 2026

Release overview

OmniMon v6.2.0 turns network traffic into a first-class workflow. This release adds active connection capture across macOS, Linux, and Windows, ships a complete network dashboard in the desktop app, introduces configurable network alerts, and extends the AI layer with traffic analysis and connection-aware actions.

Advanced network analysis

  • Cross-platform active connection capture using lsof on macOS, /proc/net on Linux, and Windows TCP/UDP tables with native fallbacks
  • NetworkConnection model with protocol, state, throughput, hostname, and GeoIP context
  • NetworkSnapshot history with a circular buffer of 60 snapshots, covering about 5 minutes of traffic
  • Async reverse DNS lookup with cache, TTL, and concurrency limits
  • Rich filtering by protocol, port, process, PID, host, throughput, localhost, and established state
  • Watcher integration with capture every 6 seconds and push-based network-update events

Network alerts

  • Configurable alert rules for bandwidth spikes, external connections, suspicious ports, process spikes, excessive connections, and suspicious destinations
  • Debounce plus cooldown so alerts wait for repeated evidence instead of triggering on one noisy sample
  • Factory presets for high bandwidth, suspicious ports, x5 spikes, and more than 200 simultaneous connections
  • Persistent UI configuration with toggle switches, creation modal, and saved preferences
  • Integrated notifications with direct actions to investigate or ask the AI assistant

Desktop dashboard

  • NetworkDashboard.svelte with real-time upload/download metrics, live connections, and sparkline history
  • ConnectionsTable.svelte with sorting and filters for protocol, process, domain, and minimum traffic
  • ProcessNetworkView.svelte for grouping connections by process and bandwidth distribution
  • NetworkMap.svelte refactored into an interactive SVG graph with animated traffic and active node pulses
  • ConnectionDetail.svelte with IP, hostname, country, throughput, and AI shortcuts

AI-powered network workflows

  • New presets for network traffic analysis and anomaly detection
  • Network context injected into AI prompts so chats can reason about live connections and open ports
  • Contextual “What is this?” action directly from connection detail panels
  • close_connection tool calling with frontend confirmation before action
  • EN/ES translations for network tools and network-aware workflows

CLI and platform hardening

  • New CLI surface: omnimon network --connections, --filter, --alerts, --top, and --watch
  • Windows hardening with TCP/UDP table APIs and fallback to netstat
  • Linux parsing fixes for inode-to-PID resolution, IPv6 handling, and ss fallback
  • macOS hardening with automatic lsof path detection and tighter timeouts

Quality and documentation

  • 941 tests across Rust and frontend
  • Expanded parsing tests for lsof, /proc/net, netstat, and ss
  • Frontend coverage for network dashboard, table, alert config, process view, and network store
  • New docs in docs/NETWORK_ANALYSIS.md plus updated command references

Install

# macOS
brew tap chochy2001/omnimon && brew install --cask omnimon

# Linux
curl -fsSL https://get.omnimon.com.mx | bash

# Windows
winget install chochy2001.omnimon

Full changelog on GitHub

All posts

Previous release

OmniMon v6.1.0

Signed releases, hardened keys, AI streaming, and grouped health alerts.

Source release

GitHub release page

Inspect the release assets, notes, and network-focused changes.