- Changed the daily recap time to 22:00.
- Modified the `send_daily_recap` function to split the recap message into multiple messages if it exceeds 2000 characters to avoid hitting the Discord message length limit.
- Added a 1-second delay between each message chunk to avoid rate limiting.
Changed the severity of the UFW block anomaly from "high" to "medium".
A high number of blocked connections is not a critical issue as long as the firewall is working correctly.
- Added a new function `get_ufw_logs` to monitor `/var/log/ufw.log`.
- Added a new table `ufw_logs` to the database to store UFW log data.
- Updated `analyze_data_locally` to detect anomalies in UFW logs (high number of blocked connections).
- Integrated the new functionality into the main monitoring loop.
- Replaced `data_storage.py` with `database.py` to use SQLite instead of a JSON file for data storage.
- Added an `enforce_retention_policy` function to `database.py` to delete data older than 7 days.
- Called this function in the main monitoring loop in `monitor_agent.py`.
- Added Docker container monitoring.
- Updated `.gitignore` to ignore `monitoring.db`.
- Add -R flag to Nmap scan options to enable reverse DNS lookup.
- Modify the Nmap processing logic to extract and store hostnames.
- Update PROGRESS.md to reflect the completion of the task.
- Add a function to check if the current time is within the alerting window (9am - 12am).
- Modify the alerting logic to only send alerts during this window.
- Update PROGRESS.md to reflect the completion of the task.
- Add a StreamHandler to the logger to output all logs to the console.
- Log the LLM response to the console for real-time monitoring.
- Update PROGRESS.md to reflect the completion of the task.
- Fix a syntax error in monitor_agent.py.
- Add logging to monitor_agent.py to replace print statements.
- Configure TimedRotatingFileHandler to keep logs for the past 24 hours.
- Update .gitignore to exclude the new log file.
- Update PROGRESS.md to reflect the completion of the task.
- Change baseline calculations to use integers instead of floats to simplify data.
- Update LLM constraints and prompt for more accurate anomaly detection.
- Refine known_issues to reduce false positives.
- Update PROGRESS.md with new TODO items.
