guard command controls Panguard’s real-time protection agent — a three-layer AI pipeline that monitors your system continuously, detects threats, and responds automatically. Guard runs as a background service and reports events through your configured notification channels.
Usage
Subcommands
| Subcommand | Description |
|---|---|
start | Start the Guard agent |
stop | Stop the running Guard agent |
status | Show current Guard status and statistics |
install | Install Guard as a system service (systemd / launchd) |
uninstall | Remove the Guard system service |
config | View or modify Guard configuration |
help | Show Guard subcommand help |
Options
Override the default data directory where Guard stores logs, baselines, and state files. Defaults
to
~/.panguard/guard/.Examples
How It Works
Guard operates through three layers of AI processing:- Layer 1 — Rule Engine — ATR rules for known threat patterns
- Layer 2 — Behavioral AI — Machine learning baselines detect anomalous process, network, and file activity
- Layer 3 — LLM Judgment — Large language model correlates events, judges severity, and generates plain-language alerts
Related
Guard Product Overview
Architecture and design of the Guard agent.
Agent Pipeline
Deep dive into the three-layer AI processing pipeline.
Guard Configuration
Customize monitors, thresholds, and auto-response rules.