explaingit

asymptote-labs/agent-beacon

Analysis updated 2026-05-18

44GoAudience · ops devopsComplexity · 4/5Setup · hard

TLDR

A local, open source telemetry tool that logs what AI coding agents do on a developer's machine for security teams.

Mindmap

mindmap
  root((Beacon))
    What it does
      Captures AI agent activity
      Writes Wazuh-compatible logs
      Local dashboard
    Tech stack
      Go
      Wazuh
      Splunk HEC
    Use cases
      Security monitoring
      MDM deployment
      SIEM forwarding
    Audience
      Security teams
      IT teams

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Log prompts, commands, tool use, and file edits from AI coding assistants on developer laptops.

USE CASE 2

Deploy Beacon across a fleet of Macs using Jamf Pro or Fleet MDM.

USE CASE 3

Forward captured AI agent events to Wazuh or Splunk for centralized security monitoring.

What is it built with?

GoWazuhSplunk HEC

How does it compare?

asymptote-labs/agent-beaconsaiyam1814/kiacrockorager/comview
Stars444547
LanguageGoGoGo
Setup difficultyhardmoderateeasy
Complexity4/53/52/5
Audienceops devopsops devopsdeveloper

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · hard Time to first run · 1h+

Fleet deployment requires macOS MDM tooling such as Jamf Pro or Fleet, and a signed, notarized package install.

No license information is provided in the README.

In plain English

Beacon is an open source monitoring tool that watches what AI coding assistants are doing on a developer's computer and produces a structured log of that activity for security teams to review. As AI agents like coding assistants start taking real actions such as running commands, reading and editing files, and making network requests, organizations face a new visibility gap: they can see what applications are installed but have no unified record of what the AI actually did during a session. Beacon runs quietly in the background on the endpoint, the developer's laptop or workstation, and intercepts telemetry from supported AI runtimes. It captures things like which prompts were sent, which tools the agent invoked, which commands it ran, which files it touched, and what approvals were granted or denied. All of this is written to a local log file in a structured format compatible with Wazuh, a popular open source security information platform. Teams that use Splunk, another security monitoring system, can forward the same events there as an optional step. The tool is deliberately local first: it does not send data to any external server during normal operation, which matters for organizations that handle sensitive code. A local only dashboard lets individuals inspect their own agent activity in a browser without sending anything off the machine. Security and IT teams can deploy Beacon across a fleet of developer Macs using MDM tools like Jamf Pro or Fleet. It is written in Go and currently supports macOS.

Copy-paste prompts

Prompt 1
Explain what data Beacon captures from Claude Code and Cursor sessions and where it stores it.
Prompt 2
Show me the command to validate a managed Mac's Beacon endpoint status.
Prompt 3
Help me understand the difference between Beacon's metadata, redacted, and full content retention modes.
Prompt 4
Walk me through deploying Beacon to a fleet of developer Macs using Jamf.

Frequently asked questions

What is agent-beacon?

A local, open source telemetry tool that logs what AI coding agents do on a developer's machine for security teams.

What language is agent-beacon written in?

Mainly Go. The stack also includes Go, Wazuh, Splunk HEC.

What license does agent-beacon use?

No license information is provided in the README.

How hard is agent-beacon to set up?

Setup difficulty is rated hard, with roughly 1h+ to a first successful run.

Who is agent-beacon for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.