Skip to main content

Supported Operating Systems

OSMinimum VersionArchitectureNotes
macOS12 (Monterey)+x64, ARM64 (Apple Silicon)Full support including Guard and Trap
Ubuntu20.04 LTS+x64, ARM64Recommended Linux distribution
Debian11 (Bullseye)+x64, ARM64Full support
CentOS / RHEL8+x64SELinux compatible
Windows10 (build 1903)+x64Guard requires Administrator

System Requirements

Node.js >= 20 is required. Panguard uses modern JavaScript features (top-level await, native fetch) that require Node.js 20 or later.Check your version:
node --version
Install or update via nvm:
nvm install 20
nvm use 20
Or via your package manager:
# macOS
brew install node@20

# Ubuntu/Debian
curl -fsSL https://deb.nodesource.com/setup_20.x | sudo -E bash -
sudo apt-get install -y nodejs

# Windows (winget)
winget install OpenJS.NodeJS.LTS
Different Panguard modules have different privilege requirements:
ModuleRoot/Admin RequiredReason
panguard scanNoReads files with user permissions
panguard guardYesMonitors system logs, manages firewall rules
panguard trapYesBinds to privileged ports (< 1024)
panguard chatNoSends notifications over HTTPS
panguard reportNoGenerates reports from existing data
panguard managerNoRuns as a regular HTTP server
Run privileged modules with sudo:
sudo panguard guard start
sudo panguard trap start
ComponentApproximate Size
Panguard CLI + core~50 MB
Sigma rules (3,000+)~15 MB
YARA rules (900+)~8 MB
Threat Cloud database (self-hosted)100 MB — 10 GB (depends on data)
Guard logs + dataGrows over time, recommend 1 GB minimum
Panguard requires outbound HTTPS access to:
DestinationPurpose
auth.panguard.aiAuthentication and subscription management
tc.panguard.aiThreat Cloud intelligence feeds
registry.npmjs.orgPackage installation and updates
api.anthropic.comAI analysis (if using Anthropic)
api.openai.comAI analysis (if using OpenAI)
localhost:11434Ollama local AI (if configured)
All connections can optionally go through an HTTP proxy via the HTTPS_PROXY environment variable.

How to Update

Update Panguard to the latest version: 
npm update -g panguard
After updating, restart any running services: 
# Restart Guard
sudo panguard guard stop
sudo panguard guard start

# Restart Chat
panguard chat stop
panguard chat start
Panguard checks for updates automatically and displays a notification in the CLI when a new version is available. Detection rules (Sigma + YARA) update independently from the CLI tool.

How to Uninstall

To completely remove Panguard from your system: 
# 1. Stop all running services
sudo panguard guard stop
panguard chat stop

# 2. Remove the system service (if installed)
sudo panguard guard uninstall-service

# 3. Uninstall the npm package
npm uninstall -g panguard

# 4. Remove data directories
rm -rf ~/.panguard
rm -rf ~/.panguard-guard
rm -rf ~/.panguard-chat

# 5. Remove credentials
rm -f ~/.panguard/credentials.json

# 6. Remove firewall rules added by Guard
# macOS:
sudo pfctl -F all
# Linux:
sudo iptables -F PANGUARD 2>/dev/null
sudo iptables -X PANGUARD 2>/dev/null
Uninstalling removes all local data including scan history, threat logs, and configuration. Export your data first with panguard report generate if you need historical records.

Common Error Messages

Your Node.js version is too old. Update to Node.js 20+:
nvm install 20 && nvm use 20
You are running a privileged module without root access:
sudo panguard guard start
For non-root setups, see the system service guide.
Panguard is not installed globally, or your PATH does not include the npm global bin directory:
npm install -g panguard
# Or check your PATH:
npm config get prefix
The target service is not running or is unreachable. Check:
  • Is the service started? (panguard status)
  • Is the port correct? (check environment variables)
  • Is a firewall blocking the connection?