artanis/LLM-Powered-Monitoring-Agent
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
83b25d81a6af7d0dc3a04785c7d75c6e0ee70eb3
LLM-Powered-Monitoring-Agent/PROGRESS.md
Spencer 83b25d81a6 feat: Add hostname resolution to Nmap scans 
- Add -R flag to Nmap scan options to enable reverse DNS lookup.
- Modify the Nmap processing logic to extract and store hostnames.
- Update PROGRESS.md to reflect the completion of the task.
2025-08-21 12:32:40 -05:00

78 lines
3.6 KiB
Markdown
Raw Blame History

# Project Progress
## Phase 1: Initial Setup
1. [x] Create `monitor_agent.py`
2. [x] Create `config.py`
3. [x] Create `requirements.txt`
4. [x] Create `README.md`
5. [x] Create `.gitignore`
6. [x] Create `SPEC.md`
7. [x] Create `PROMPT.md`
8. [x] Create `CONSTRAINTS.md`
## Phase 2: Data Storage
9. [x] Implement data storage functions in `data_storage.py`
10. [x] Update `monitor_agent.py` to use data storage
11. [x] Update `SPEC.md` to reflect data storage functionality
## Phase 3: Expanded Monitoring
12. [x] Implement CPU temperature monitoring
13. [x] Implement GPU temperature monitoring
14. [x] Implement system login attempt monitoring
15. [x] Update `monitor_agent.py` to include new metrics
16. [x] Update `SPEC.md` to reflect new metrics
17. [x] Extend `calculate_baselines` to include system temps
## Phase 4: Troubleshooting
18. [x] Investigated and resolved issue with `jc` library
19. [x] Removed `jc` library as a dependency
20. [x] Implemented manual parsing of `sensors` command output
## Phase 5: Network Scanning (Nmap Integration)
21. [x] Add `python-nmap` to `requirements.txt` and install.
22. [x] Define `NMAP_TARGETS` and `NMAP_SCAN_OPTIONS` in `config.py`.
23. [x] Create a new function `get_nmap_scan_results()` in `monitor_agent.py`:
* [x] Use `python-nmap` to perform a scan on the defined targets with the specified options.
* [x] Return the parsed results.
24. [x] Integrate `get_nmap_scan_results()` into the main monitoring loop:
* [x] Call this function periodically (e.g., less frequently than other metrics).
* [x] Add the `nmap` results to the `combined_data` dictionary.
25. [x] Update `data_storage.py` to store `nmap` results.
26. [x] Extend `calculate_baselines()` in `data_storage.py` to include `nmap` baselines:
* [x] Compare current `nmap` results with historical data to identify changes.
27. [x] Modify `analyze_data_with_llm()` prompt to include `nmap` scan results for analysis.
28. [x] Consider how to handle `nmap` permissions.
29. [x] Improve Nmap data logging to include IP addresses, open ports, and service details.
## Phase 6: Code Refactoring and Documentation
30. [x] Remove duplicate `pingparsing` import in `monitor_agent.py`.
31. [x] Refactor `get_cpu_temperature` and `get_gpu_temperature` to call `sensors` command only once.
32. [x] Refactor `get_login_attempts` to use a position file for efficient log reading.
33. [x] Simplify JSON parsing in `analyze_data_with_llm`.
34. [x] Move LLM prompt to a separate function `build_llm_prompt`.
35. [x] Refactor main loop into smaller functions (`run_monitoring_cycle`, `main`).
36. [x] Create helper function in `data_storage.py` for calculating average metrics.
37. [x] Update `README.md` with current project status and improvements.
38. [x] Create `AGENTS.md` to document human and autonomous agents.
## Keeping track of Current Objectives
[x] Improve "high" priority detection by explicitly instructing LLM to output severity in structured JSON format.
[x] Implement dynamic contextual information (Known/Resolved Issues Feed) for LLM to improve severity detection.
## TODO
- [x] Change baseline calculations to only use integers instead of floats.
- [x] Add a log file that only keeps records for the past 24 hours.
- [x] Log all LLM responses to the console.
- [x] Reduce alerts to only happen between 9am and 12am.
- [x] Get hostnames of devices in Nmap scan.
- [ ] Filter out RTT fluctuations below 10 seconds.
- [ ] Filter out temperature fluctuations with differences less than 5 degrees.
- [ ] Create a list of known port numbers and their applications for the LLM to check against to see if an open port is a threat
Reference in New Issue View Git Blame Copy Permalink