explaingit

xoriin/netmap

Analysis updated 2026-06-24

42TypeScriptAudience · ops devopsComplexity · 3/5LicenseSetup · moderate

TLDR

Single-container self-hosted dashboard for home labs and small offices: topology canvas, IPAM, ICMP/TCP monitoring, syslog ingest, alerts and Nmap discovery.

Mindmap

mindmap
  root((NetMap))
    Inputs
      Devices and links
      Nmap scans
      Syslog streams
      DHCP leases
    Outputs
      Topology canvas
      Uptime graphs
      Firewall log search
      Alerts
    Use Cases
      Map a home lab
      Monitor uptime
      Tail pfSense logs
      Track subnets
    Tech Stack
      Docker
      TypeScript
      Nmap
      Syslog
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

What do people build with it?

USE CASE 1

Map a home lab network on a topology canvas

USE CASE 2

Monitor device uptime with ICMP ping and TCP port checks

USE CASE 3

Ingest syslog from pfSense, OPNsense or Unifi on port 5514

USE CASE 4

Track IPAM with subnets, VLANs and DHCP lease imports

What is it built with?

DockerTypeScriptNmapSyslog

How does it compare?

xoriin/netmaphaoaaa-111/taoketongjavlonbek1233/-immersive-ui-1
Stars424439
LanguageTypeScriptTypeScriptTypeScript
Setup difficultymoderatemoderateeasy
Complexity3/53/51/5
Audienceops devopsgeneralvibe coder

Figures from each repo's GitHub metadata at analysis time.

How do you get it running?

Difficulty · moderate Time to first run · 30min

Generate SECRET_KEY and Fernet MASTER_KEY before compose up, syslog port 5514 needs UDP/TCP exposed.

GPL-3.0 license, free to use and modify, but derived works must also be released under GPL-3.0.

In plain English

NetMap is a self-hosted dashboard for keeping an eye on a home lab or small office network. The single Docker container bundles a web UI, an API, a database, and a syslog receiver, so there is nothing extra to orchestrate. The author describes it as one application that knows what is on your network, where it sits, and whether it is behaving, with no cloud account, no subscription, and no telemetry sent out. The core feature is a topology canvas where you draw your network. You add devices, draw links between them, group things into VLANs or clusters, and annotate them. A force-directed layout arranges nodes automatically, and you can move and lock them into place. Layouts are saved, multiple named sites are supported (so home, lab, and an off-site location stay separate), and the device-type icons include server, workstation, switch, router, firewall, access point, camera, phone, VPN, and cloud endpoint. The inventory itself is a searchable and filterable table with bulk-edit support. Monitoring runs continuously in a background thread independent of the UI. Each device gets ICMP ping with an RTT history graph, optional TCP port checks, a heartbeat strip showing the last 30 poll results as a colour bar, and a rolling uptime percentage. The IPAM module tracks subnets, VLANs, and individual address assignments (static, DHCP, or reserved), imports DHCP leases from a router lease file, shows a per-subnet grid of used and free addresses, and flags duplicate assignments. Firewall log handling is built in. NetMap listens for syslog over UDP and TCP on port 5514 (mapped from 1514 inside the container) and accepts RFC 5424 or 3164 sources, with examples named for pfSense, OPNsense, and Unifi. The browser can live-tail the stream, search by IP, protocol, port, or action, and each event is matched against the inventory so a log line links back to a device card. Default retention is seven days, and an allowlist limits which senders may submit logs. A network-discovery feature runs Nmap against a subnet and pre-populates the new device records with hostnames, MAC addresses, and open ports. Extras include built-in ping, traceroute, TCP connect, DNS lookup, and a subnet calculator, plus alert rules that fan out to ntfy, Telegram, Signal, or SMTP email with a cooldown per rule. Access control offers four roles (SuperAdmin, NetworkAdmin, SecurityAnalyst, Viewer) with customisable permissions, and exports cover PDF reports, CSV and JSON dumps, full backup and restore, and an audit log of writes. Installation is a docker-compose.yml plus two generated secrets, SECRET_KEY and a Fernet MASTER_KEY. NetMap is licensed under GPL-3.0.

Copy-paste prompts

Prompt 1
Bring up NetMap from the docker-compose.yml after generating SECRET_KEY and a Fernet MASTER_KEY.
Prompt 2
Point my pfSense firewall syslog at NetMap on port 1514 and verify events appear in the live tail.
Prompt 3
Run NetMap's Nmap discovery against my 192.168.1.0/24 subnet and pre-populate inventory.
Prompt 4
Configure NetMap alert rules that fan out to ntfy and Telegram with a 10-minute cooldown.
Prompt 5
Create a SecurityAnalyst role in NetMap that can read logs but cannot edit topology.

Frequently asked questions

What is netmap?

Single-container self-hosted dashboard for home labs and small offices: topology canvas, IPAM, ICMP/TCP monitoring, syslog ingest, alerts and Nmap discovery.

What language is netmap written in?

Mainly TypeScript. The stack also includes Docker, TypeScript, Nmap.

What license does netmap use?

GPL-3.0 license, free to use and modify, but derived works must also be released under GPL-3.0.

How hard is netmap to set up?

Setup difficulty is rated moderate, with roughly 30min to a first successful run.

Who is netmap for?

Mainly ops devops.

Open on GitHub → Explain another repo

This repo across BitVibe Labs

Verify against the repo before relying on details.