Skip to main content

Remote Monitoring

Use this when FlowLayer runs on another machine and your team needs live visibility.

Safe baseline

run server with explicit bind and token
expose access only through trusted network paths
connect TUI from remote terminals with explicit -addr and -token

Example:

flowlayer-server -c ./flowlayer.jsonc -s 127.0.0.1:6999 -token remote-dev-token
flowlayer-client-tui -addr 127.0.0.1:6999 -token remote-dev-token

SSH tunnel workflow

ssh -N -L 6999:127.0.0.1:6999 dev@remote-host
flowlayer-client-tui -addr 127.0.0.1:6999 -token remote-dev-token

Monitoring checklist

verify /health before opening TUI
verify expected services exist in initial snapshot
use get_logs replay after network blips
rotate token if exposure scope changes

Boundaries

FlowLayer auth is session-level, not full network security
do not treat session token as Internet-grade credential

See Remote Access and Session Token.

Safe baseline
SSH tunnel workflow
Monitoring checklist
Boundaries