Attempting to remove the LLM out of processing

2025-08-23 19:03:40 -05:00
parent bebedb1e15
commit 6f7e99639c
4 changed files with 106 additions and 314 deletions
--- a/PROGRESS.md
+++ b/PROGRESS.md
@@ -78,3 +78,19 @@

 ## TODO

+## Phase 7: Offloading Analysis from LLM
+
+39. [x] Create a new function `analyze_data_locally` in `monitor_agent.py`.
+    39.1. [x] This function will take `data`, `baselines`, `known_issues`, and `port_applications` as input.
+    39.2. [x] It will contain the logic to compare current data with baselines and predefined thresholds.
+    39.3. [x] It will be responsible for identifying anomalies for various metrics (CPU/GPU temp, network RTT, failed logins, Nmap changes).
+    39.4. [x] It will return a list of dictionaries, where each dictionary represents an anomaly and contains 'severity' and 'reason' keys.
+40. [x] Refactor `analyze_data_with_llm` into a new function called `generate_llm_report`.
+    40.1. [x] This function will take the list of anomalies from `analyze_data_locally` as input.
+    40.2. [x] It will construct a simple prompt to ask the LLM to generate a human-readable summary of the anomalies.
+    40.3. [x] The LLM will no longer be making analytical decisions.
+41. [x] Update `run_monitoring_cycle` to orchestrate the new workflow.
+    41.1. [x] Call `analyze_data_locally` to get the list of anomalies.
+    41.2. [x] If anomalies are found, call `generate_llm_report` to create the report.
+    41.3. [x] Use the output of `generate_llm_report` for alerting.
+42. [x] Remove the detailed analytical instructions from `build_llm_prompt` as they will be handled by `analyze_data_locally`.