Show HN: Hc: An Agentless, Multi-Tenant Shell History Sink
Why It Matters
Centralizing command history eliminates time‑consuming manual log hunting across large fleets and improves auditability without installing extra binaries. The lightweight, secure model makes it attractive for DevOps teams managing compliance and troubleshooting at scale.
Key Takeaways
- Agentless ingestion uses only curl, wget, or socat.
- Centralizes shell history into PostgreSQL for multi‑tenant access.
- TLS encryption and API‑key auth protect command data.
- Exported as plain text, optimized for grep filtering.
- •Supports firewalled servers via reverse SSH tunneling.
Pulse Analysis
Enterprises with dozens or hundreds of Linux nodes often struggle to locate a single command that resolved an issue, because each host maintains its own Bash or Ash history file. HC addresses this pain point by providing a zero‑install collector that can be hooked into the shell prompt via a simple PROMPT_COMMAND variable. By sending each command line over TLS (or plain TCP in trusted zones) to a central collector, teams gain a searchable, immutable record of every action taken across the infrastructure, dramatically reducing mean‑time‑to‑resolution.
The architecture is deliberately minimalist: incoming streams are written to an append‑only spool file per tenant, then persisted to PostgreSQL, which serves as the authoritative source. Authentication is layered, with API‑key‑based tenant resolution and optional client‑certificate verification, ensuring that only authorized agents can contribute data. Export endpoints return raw, ANSI‑colored text that can be piped directly into familiar tools like grep, awk, or log‑analysis scripts, preserving the original command format for forensic clarity.
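The prompt hook and API-key send described above, as an added example that is not hc's own code. The collector URL, the `X-API-Key` header name, the header-file path and the record layout are assumptions, because the page does not give hc's wire format.

```bash
# Added example: URL, header file and record layout are assumptions, not hc's documented interface.
HC_URL="${HC_URL:-https://hc.example.internal/ingest}"   # placeholder collector endpoint
HC_HDR_FILE="${HC_HDR_FILE:-$HOME/.config/hc/header}"    # mode 0600, one line: "X-API-Key: <key>" (hypothetical header)

# First line of `history 1` looks like "  501  cmd" or "  501* cmd"; return the entry number.
hc_hist_num() { printf '%s\n' "$1" | sed -n '1s/^ *\([0-9][0-9]*\).*/\1/p'; }

# Build one record "<epoch> <user>@<host> [<cwd>] <command>", folding multi-line commands onto one line.
hc_build_line() {
  printf '%s %s@%s [%s] %s\n' "$2" "$3" "$4" "$5" \
    "$(printf '%s' "$1" | tr '\n' ' ' | sed 's/^ *[0-9][0-9]*[* ] *//')"
}

# POST stdin to the collector: TLS only, short timeout, silent on failure so the prompt never breaks.
hc_send() {
  # -H @file (curl >= 7.55) keeps the API key out of argv, where `ps` would expose it.
  curl --silent --fail --max-time 3 --proto '=https' --tlsv1.2 \
       -H @"$HC_HDR_FILE" --data-binary @- "$HC_URL" >/dev/null 2>&1
}

hc_hook() {
  _hc_raw=$(HISTTIMEFORMAT='' history 1) || return 0
  _hc_num=$(hc_hist_num "$_hc_raw")
  # First prompt of a session: the last entry belongs to an earlier session, so only record its number.
  [ -n "${HC_LAST_NUM:-}" ] || { HC_LAST_NUM=${_hc_num:-0}; return 0; }
  # Pressing Enter on an empty line re-runs the hook with the same entry: send each number once.
  [ -n "$_hc_num" ] && [ "$_hc_num" != "$HC_LAST_NUM" ] || return 0
  HC_LAST_NUM=$_hc_num
  # Background subshell: a slow or unreachable collector must not delay the prompt.
  ( hc_build_line "$_hc_raw" "$(date +%s)" "${USER:-unknown}" "$(hostname)" "$PWD" | hc_send & )
}

# Install only in interactive shells; keep any PROMPT_COMMAND that is already set.
case $- in *i*) PROMPT_COMMAND="hc_hook${PROMPT_COMMAND:+; $PROMPT_COMMAND}" ;; esac
```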
From a strategic perspective, HC fills a niche between heavyweight SIEM solutions and ad‑hoc log aggregation. Its focus on raw shell history makes it ideal for compliance audits, post‑mortem investigations, and continuous security monitoring without the overhead of full‑scale event processing. The roadmap—adding SQLite support, a lightweight web UI, and tighter integration with CI/CD pipelines—suggests broader adoption potential, especially among organizations prioritizing simplicity, security, and operational transparency.