{"id":14979045,"url":"https://github.com/tracecathq/tracecat","last_synced_at":"2026-03-12T05:02:17.958Z","repository":{"id":227365014,"uuid":"763923484","full_name":"TracecatHQ/tracecat","owner":"TracecatHQ","description":"Open source Tines / Splunk SOAR alternative. All-in-one automation platform (workflows, tables, cases) for security and IT teams.","archived":false,"fork":false,"pushed_at":"2025-05-10T02:28:58.000Z","size":52043,"stargazers_count":2627,"open_issues_count":31,"forks_count":203,"subscribers_count":24,"default_branch":"main","last_synced_at":"2025-05-10T03:36:44.889Z","etag":null,"topics":["automation","cybersecurity","event-driven","fastapi","incident-response","llm","low-code","monitoring","nextjs","openapi","orchestration","pydantic","security","temporalio","workflow-engine"],"latest_commit_sha":null,"homepage":"https://tracecat.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"agpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TracecatHQ.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2024-02-27T06:48:32.000Z","updated_at":"2025-05-10T02:29:01.000Z","dependencies_parsed_at":"2024-05-21T02:39:55.636Z","dependency_job_id":"5366e6de-7106-453d-b2c6-cf9c2b139d74","html_url":"https://github.com/TracecatHQ/tracecat","commit_stats":{"total_commits":2164,"total_committers":16,"mean_commits":135.25,"dds":0.416358595194085,"last_synced_commit":"81105c8949efa675629bd3bb9dfe43ead9fe52bb"},"previous_names":["tracecathq/tracecat"],"tags_count":155,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TracecatHQ%2Ftracecat","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TracecatHQ%2Ftracecat/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TracecatHQ%2Ftracecat/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TracecatHQ%2Ftracecat/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TracecatHQ","download_url":"https://codeload.github.com/TracecatHQ/tracecat/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254053249,"owners_count":22006717,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["automation","cybersecurity","event-driven","fastapi","incident-response","llm","low-code","monitoring","nextjs","openapi","orchestration","pydantic","security","temporalio","workflow-engine"],"created_at":"2024-09-24T13:59:01.401Z","updated_at":"2026-03-12T05:02:17.951Z","avatar_url":"https://github.com/TracecatHQ.png","language":"Python","readme":"\u003cdiv align=\"center\"\u003e\n  \u003cpicture\u003e\n    \u003csource media=\"(prefers-color-scheme: dark)\" srcset=\"img/banner-dark.svg\"\u003e\n    \u003csource media=\"(prefers-color-scheme: light)\" srcset=\"img/banner-light.svg\"\u003e\n    \u003cimg src=\"img/banner-light.svg\" alt=\"The AI-native security automation platform.\"\u003e\n  \u003c/picture\u003e\n  \u003cp align=\"center\"\u003e\n    The AI-native security automation platform.\n  \u003c/p\u003e\n\n  \u003cbr\u003e\n\u003c/div\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n![Commits](https://img.shields.io/github/commit-activity/m/TracecatHQ/tracecat?style=for-the-badge\u0026logo=github\u0026color=6E7ED8)\n![License](https://img.shields.io/badge/License-AGPL%203.0-6E7ED8?style=for-the-badge\u0026logo=agpl)\n[![Discord](https://img.shields.io/badge/Discord-Join-5865F2?style=for-the-badge\u0026logo=discord\u0026logoColor=white)](https://discord.gg/H4XZwsYzY4)\n\n\u003c/div\u003e\n\n## Introduction\n\n[Tracecat](https://tracecat.com) is the AI-native automation platform for technical operations.\n\nPurpose-built for agents and open source for builders:\n- **Prompt-to-automations**: build end-to-end automations with agents, workflows, and tables from your own agent harness (e.g. Claude code, Codex, OpenCode).\n- **Code-native**: sync custom Python scripts from your Git repo into Tracecat.\n- **All-in-one**: agents, workflows, lookup tables, and case management. Everything technical teams need to automate work in one place. \n- **Self-host anywhere**: Docker, Kubernetes, AWS Fargate.\n\nSandboxed-by-default with [`nsjail`](https://github.com/google/nsjail) and run on [Temporal](https://temporal.io) for security, reliability, and scale.\n\n## Features\n\n### Key Capabilities\n\n- **Agents**: build custom agents with prompts, tools, chat, and any MCP server (remote HTTP / OAuth or local via `npx` / `uvx` commands)\n- **Workflows**: low-code builder with complex control flow (if-conditions, loops) and durable execution (Temporal)\n- **Case management**: track, automate, and resolve work items with agents and workflows\n- **Integrations**: over 100+ pre-built connectors to enterprise tools via HTTP, SMTP, gRPC, OAuth, and more\n- **MCP server**: work with Tracecat through your own agent harness\n- **Custom registry**: turn custom Python scripts into agent tools and workflow steps\n\n### Other OSS Highlights\n\n- **Sandboxed**: run untrusted code and agents within `nsjail` sandboxes or `pid` runtimes.\n- **Lookup tables**: store and query structured data\n- **Variables**: reuse values across workflows and agents\n- **No SSO tax**: SAML / OIDC support\n- **Audit logs**: exportable into your SIEM\n\n### Enterprise Edition\n\n- **Fine-grained access control**: RBAC, ABAC, OAuth2.0 scopes for humans and agents\n- **Human-in-the-loop**: review and approve sensitive tools calls from a unified inbox, Slack, or email\n- **Workflow version control**: sync to GitHub, GitLab, Bitbucket, etc.\n- **Metrics and monitoring**: for workflows, agents, and cases\n\n## Getting Started\n\n\u003e [!IMPORTANT]\n\u003e Tracecat is in active development. Review the release [changelog](https://github.com/TracecatHQ/tracecat/releases) before updating.\n\n### Self-hosting\n\n### Run Tracecat locally\n\nDeploy a local Tracecat stack using Docker Compose. View full instructions [here](https://docs.tracecat.com/self-hosting/deployment-options/docker-compose).\n\n```bash\n# Setup environment variables and secrets\ncurl -o env.sh https://raw.githubusercontent.com/TracecatHQ/tracecat/1.0.0-beta.15/env.sh\ncurl -o .env.example https://raw.githubusercontent.com/TracecatHQ/tracecat/1.0.0-beta.15/.env.example\nchmod +x env.sh \u0026\u0026 ./env.sh\n\n# Download Caddyfile\ncurl -o Caddyfile https://raw.githubusercontent.com/TracecatHQ/tracecat/1.0.0-beta.15/Caddyfile\n\n# Download Docker Compose file\ncurl -o docker-compose.yml https://raw.githubusercontent.com/TracecatHQ/tracecat/1.0.0-beta.15/docker-compose.yml\n\n# Start Tracecat\ndocker compose up -d\n```\n\n### Cloud deployments\n\nFor production deployments, check out one of the following IaaC (Infrastructure as Code) options:\n\n- Kubernetes (Helm chart) under [`deployments/helm`](https://github.com/TracecatHQ/tracecat/tree/main/deployments/helm)\n- AWS ECS Fargate (Terraform) under [`deployments/fargate`](https://github.com/TracecatHQ/tracecat/tree/main/deployments/fargate)\n- AWS EKS (Terraform) under [`deployments/eks`](https://github.com/TracecatHQ/tracecat/tree/main/deployments/eks)\n\n## Tech Stack\n\n- Backend: Python with FastAPI, SQLAlchemy, Pydantic, uv\n- Frontend: Next.js with TypeScript, React Query, Shadcn UI\n- Durable workflows and jobs: Temporal\n- Sandbox: nsjail\n- Database: PostgreSQL\n- Object store: S3-compatible\n\n## Open Source vs Enterprise\n\nThis repo is available under the [AGPL-3.0 license](https://github.com/TracecatHQ/tracecat/blob/main/LICENSE) with the following exceptions:\n\n- `packages/tracecat-ee` directory is under Tracecat's paid EE (Enterprise Edition) license.\n- `deployments/helm` and `deployments/eks` directory is under the source available [PolyForm Shield License](https://polyformproject.org/licenses/shield/1.0.0/). This allows you to use the Tracecat Helm chart and EKS deployment templates for internal use only.\n- Any code that gates `ee` features across the repo\n\nCode that fall under the above exceptions must not be redistributed, sold, or otherwise commercialized without permission.\n\n*If you are interested in Tracecat's Enterprise License or managed Cloud offering, check out [our website](https://tracecat.com) or [book a meeting with us](https://cal.com/team/tracecat).*\n\n## Community\n\nHave questions? Feedback? Come hang out with us in the [Tracecat Community Discord](https://discord.gg/H4XZwsYzY4).\n\n## Contributors\n\nThank you all our amazing contributors for contributing code, integrations, docs, and support. Open source is only possible because of you.\nCheck out our [Contribution Guide](CONTRIBUTING.md) for more information.\n\n\u003ca href=\"https://github.com/TracecatHQ/tracecat/graphs/contributors\"\u003e\n  \u003cimg src=\"https://contrib.rocks/image?repo=TracecatHQ/tracecat\" /\u003e\n\u003c/a\u003e\n\n\u003cbr\u003e\n\u003cbr\u003e\n\n\u003cdiv align=\"center\"\u003e\n\n  \u003csub\u003e**`Tracecat`** is distributed under [**AGPL-3.0**](https://github.com/TracecatHQ/tracecat/blob/main/LICENSE)\u003c/sub\u003e\n\n\u003c/div\u003e\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftracecathq%2Ftracecat","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftracecathq%2Ftracecat","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftracecathq%2Ftracecat/lists"}