From 57d7688c3a82828c4b3fe03ab8b0cfc4f05fc49d Mon Sep 17 00:00:00 2001
From: Spencer
Date: Thu, 21 Aug 2025 12:34:12 -0500
Subject: [PATCH] feat: Filter out small RTT fluctuations in LLM prompt

- Update the LLM prompt to instruct it to ignore RTT fluctuations below 10 seconds.
- Update PROGRESS.md to reflect the completion of the task.
---
 PROGRESS.md | 2 +-
 monitor_agent.py | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/PROGRESS.md b/PROGRESS.md
index 2a6d2fe..92e648a 100644
--- a/PROGRESS.md
+++ b/PROGRESS.md
@@ -73,6 +73,6 @@
 - [x] Log all LLM responses to the console.
 - [x] Reduce alerts to only happen between 9am and 12am.
 - [x] Get hostnames of devices in Nmap scan.
-- [ ] Filter out RTT fluctuations below 10 seconds.
+- [x] Filter out RTT fluctuations below 10 seconds.
 - [ ] Filter out temperature fluctuations with differences less than 5 degrees.
 - [ ] Create a list of known port numbers and their applications for the LLM to check against to see if an open port is a threat
\ No newline at end of file
diff --git a/monitor_agent.py b/monitor_agent.py
index 9b85078..c9eb26b 100644
--- a/monitor_agent.py
+++ b/monitor_agent.py
@@ -197,7 +197,7 @@ def build_llm_prompt(data, baselines, nmap_changes, constraints, known_issues): return f""" **Role:** You are a dedicated and expert system administrator. Your primary role is to identify anomalies and provide concise, actionable reports. - **Instruction:** Analyze the following system and network data for any activity that appears out of place or different. Consider unusual values, errors, or unexpected patterns as anomalies. Compare the current data with the historical baseline data to identify significant deviations. Consult the known issues feed to avoid flagging resolved or expected issues. Pay special attention to the Nmap scan results for any new or unexpected open ports. + **Instruction:** Analyze the following system and network data for any activity that appears out of place or different. Consider unusual values, errors, or unexpected patterns as anomalies. Compare the current data with the historical baseline data to identify significant deviations. Consult the known issues feed to avoid flagging resolved or expected issues. Pay special attention to the Nmap scan results for any new or unexpected open ports. Pay special attention to network RTT fluctuations, but only report them as an anomaly if the fluctuation is greater than 10 seconds. **Context:** Here is the system data in JSON format for your analysis: {json.dumps(data, indent=2)}
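Review bot: The 10-second RTT threshold in the new `**Instruction:**` line is enforced only by asking the model to apply it, so nothing in `build_llm_prompt` guarantees that sub-threshold fluctuations are suppressed or that larger ones are still reported. A suppression rule in a monitoring path is better applied deterministically before the prompt is built: compare the current RTT with the baseline in code and hand the model only deviations above a named constant, for example a suggested `RTT_ANOMALY_THRESHOLD_S = 10` that the prompt text also interpolates so the two cannot drift apart. The added sentence does not say what the fluctuation is measured against (baseline or previous sample) or which unit the collected values use; if they are in milliseconds, which the hunk does not show, a 10-second cut-off would hide nearly every latency change. Because the same f-string embeds collected data via `json.dumps(data, indent=2)`, text inside that data can compete with rules written in the prompt, which is a further reason to keep the filter in code. The body of `build_llm_prompt` starts and continues outside the hunk.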