Skip to content

v1.0.0b

Pre-release
Pre-release

Choose a tag to compare

View all tags
@knivier knivier released this 16 Aug 17:39
v1.0.0b
e05586c

IronWatch v1.0.0 Release

Advanced USB Device Monitor by KnivInstitute

I'm excited to announce the first release of IronWatch, a comprehensive USB device monitoring solution built with Rust for maximum performance and reliability. This is still in beta however as I had to submit this project earlier due to family emergencies.

Installation

Installing IronWatch is as simple as downloading the x64 installer from the binaries below and running it. The installer will guide you through the setup process and configure everything needed to start monitoring your USB devices.

System Requirements:

  • Windows 10/11 (64-bit)
  • Administrator privileges (recommended for full functionality)

Key Features

Modern GUI Interface

  • Real-time Dashboard: Beautiful, responsive interface built with egui framework
  • Live Device Monitoring: Instant updates with smooth animations when devices connect/disconnect
  • Interactive Device Table: Comprehensive device information display with sorting and filtering
  • Advanced Analytics: Device usage statistics, connection frequency analysis, and historical data
  • Security Monitoring: Detect and alert on suspicious USB device activity
  • System Tray Integration: Minimize to system tray for background monitoring
  • Dark/Light Theme Support: Customizable appearance to match your preferences
  • Search & Filteringring: Real-time device filtering with pattern matching

Command Line Interface

  • Multiple Output Formats: Support for Table, JSON, and CSV output formats
  • Continuous Monitoring: Real-time monitoring with customizable polling intervals
  • Device Filtering: Filter devices by manufacturer, product name, or custom patterns
  • Configuration Management: Persistent JSON-based configuration system
  • Comprehensive Logging: Configurable log levels with file output support
  • Batch Operations: Export device lists and monitoring data for analysis

Core Monitoring Capabilities

  • Real-time USB Detection: Instant notification of device connections and disconnections
  • Comprehensive Device Information: VID, PID, manufacturer, product name, device class, and more
  • Connection History: Track device usage patterns and connection frequency
  • Security Event Detection: Identify potentially malicious or unauthorized devices
  • Performance Analytics: Monitor system impact and device performance metrics
  • Export Functionality: Save monitoring data in multiple formats for reporting

Technical Architecture

  • High Performance: Built with Rust for minimal resource usage and maximum reliability
  • Cross-platform USB Access: Uses rusb library for comprehensive USB device access
  • Async Runtime: Tokio-based asynchronous architecture for responsive monitoring
  • Modular Design: Extensible architecture allowing easy feature additions
  • Error Recovery: Robust error handling with graceful degradation
  • Permission Management: Smart handling of USB access permissions

Configuration Options

IronWatch provides extensive configuration options:

Monitoring Settings

  • poll_interval_ms: Device polling frequency (default: 500ms)
  • auto_start: Automatically start monitoring on application launch
  • track_input_events: Monitor USB input device activity
  • detect_suspicious_activity: Enable security event detection

Output Configuration

  • default_format: Choose between table, JSON, or CSV output
  • timestamp_format: Customize timestamp display format
  • include_metadata: Include additional device metadata in output
  • color_output: Enable colored terminal output
  • max_log_entries: Limit log file size

Security Features

  • ignored_vendors: Whitelist trusted device manufacturers
  • ignored_products: Whitelist specific product IDs
  • allowed_device_classes: Filter by USB device classes
  • name_patterns: Custom device name filtering patterns

Usage Examples

GUI Mode (Default)

Simply launch IronWatch from the Start Menu or desktop shortcut. The GUI provides:

  • Dashboard overview with device statistics
  • Real-time device monitoring with visual indicators
  • Detailed device information tables
  • Configuration panel for customizing behavior
  • Export functionality for reports and analysis

CLI Mode Examples

List all connected USB devices:

ironwatch list

Monitor devices continuously with JSON output:

ironwatch monitor --continuous --format json

Filter and monitor specific device types:

ironwatch monitor --filter "camera" --continuous --output camera_events.log

Configuration management:

ironwatch config show
ironwatch config  set monitoring.poll_interval_ms 1000
ironwatch config  set output.default_format json

Output Formats

Table Format

Bus VID:PID  Address Manufacturer         Product                   Class           Timestamp
------------------------------------------------------------------------------------------------
2   1022:15BA 0       AMD                  USB Controller            09              23:31:00
3   5986:118C 1       Generic              Integrated Camera         EF              23:31:00
00

JSON Format

{
   "timestamp": "2025-01-27T23:31:07Z",
   "device_count": 2,
   "devices": [
    {
        "bus_number": 2,
       "device_address": 0,
       "vendor_id": 4130,
       "product_id": 5562,
       "manufacturer": "AMD",
       "product": "USB Controller",
       "device_class": 9,
       "connection_status": "Connected"
    }
  ]
}
}

CSV Format

Bus,VendorID,ProductID,Address,Manufacturer,Product,SerialNumber,DeviceClass,Timestamp

2,1022,15BA,0,AMD,USB Controller,,09,2025-01-27T23:31:07Z

Security Considerations

  • IronWatch requires appropriate permissions to access USB devices
  • Administrator privileges provide the most comprehensive monitoring capabilities
  • The tool logs device information which may be sensitive in certain environments
  • Security event detection helps identify potentially malicious USB devices
  • All monitoring data is stored locally for privacy

Technical Stack

  • Language: Rust 2021 Edition
  • GUI Framework: egui with eframe for cross-platform native GUI
  • USB Access: rusb library for comprehensive USB device monitoring
  • Async Runtime: Tokio for high-performance concurrent operations
  • Serialization: Serde with JSON support for configuration and data export
  • System Integration: notify-rust, tray-icon, winit for native OS features
  • Time Handling: Chrono for precise timestamp management

What's New in v1.0.0

This is the initial stable release of IronWatch, featuring:

  • Complete GUI application with modern interface
  • Full CLI functionality for advanced users and automation
  • Comprehensive USB device monitoring capabilities
  • Security event detection and alerting
  • Multiple export formats for data analysis
  • Robust error handling and recovery
  • System tray integration
  • Extensive configuration options
  • Professional Windows installer with full system integration

Installation Notes

The installer (IronWatch-Setup.exe) includes:

  • Main application executable
  • Complete documentation and quick start guide
  • Desktop and Start Menu shortcuts
  • System integration features
  • USB driver compatibility checks
  • Performance optimization settings
  • File association for IronWatch log files

Support and Documentation

  • GitHub Repository: https://github.com/KnivInstitute/IronWatch
  • Issue Reporting: Use GitHub Issues for bug reports and feature requests
  • Documentation: Complete README.md with usage examples and configuration details
  • Quick Start Guide: Included with installation for immediate productivity

License

IronWatch is released under the MIT License, allowing for both personal and commercial use. You must accredit me however.

Download the installer below and start monitoring your USB devices with IronWatch v1.0.0!

Built with Rust for performance, reliability, and security.

Assets 3