LLM-Powered-Monitoring-Agent/README.md

# LLM-Powered Monitoring Agent

This project is a self-hosted monitoring agent that uses a local Large Language Model (LLM) to detect anomalies in system and network data. It's designed to be a simple, self-contained Python script that can be easily deployed on a server.

## 1. Installation

To get started, you'll need to have Python 3.8 or newer installed. Then, follow these steps:

1.  **Clone the repository or download the files:**

    ```bash
    git clone <repository_url>
    cd <repository_directory>
    ```

2.  **Create and activate a Python virtual environment:**

    ```bash
    python -m venv venv
    source venv/bin/activate  # On Windows, use `venv\Scripts\activate`
    ```

3.  **Install the required Python libraries:**

    ```bash
    pip install -r requirements.txt
    ```

## 2. Setup

Before running the agent, you need to configure it and ensure the necessary services are running.

### Prerequisites

-   **Ollama:** The agent requires that [Ollama](https://ollama.com/) is installed and running on the server.
-   **LLM Model:** You must have the `llama3.1:8b` model pulled and available in Ollama. You can pull it with the following command:

    ```bash
    ollama pull llama3.1:8b
    ```

### Configuration

All configuration is done in the `config.py` file. You will need to replace the placeholder values with your actual credentials and URLs.

-   `DISCORD_WEBHOOK_URL`: Your Discord channel's webhook URL. This is used to send alerts.
-   `HOME_ASSISTANT_URL`: The URL of your Home Assistant instance (e.g., `http://192.168.1.50:8123`).
-   `HOME_ASSISTANT_TOKEN`: A Long-Lived Access Token for your Home Assistant instance. You can generate this in your Home Assistant profile settings.
-   `GOOGLE_HOME_SPEAKER_ID`: The `media_player` entity ID for your Google Home speaker in Home Assistant (e.g., `media_player.kitchen_speaker`).

## 3. Usage

Once the installation and setup are complete, you can run the monitoring agent with the following command:

```bash
python monitor_agent.py
```

The script will start a continuous monitoring loop. Every 5 minutes, it will:

1.  Collect simulated system and network data.
2.  Send the data to the local LLM for analysis.
3.  If the LLM detects a **high-severity** anomaly, it will send an alert to your configured Discord channel and broadcast a message to your Google Home speaker via Home Assistant.
4.  At the time specified in `DAILY_RECAP_TIME`, a summary of all anomalies for the day will be sent to the Discord channel.

The script will print its status and any detected anomalies to the console.

## 4. Features

### Priority System

The monitoring agent uses a priority system to classify anomalies. The LLM is instructed to return a severity level for each anomaly it detects. The possible severity levels are:

-   **high**: Indicates a critical issue that requires immediate attention. An alert is sent to Discord and Google Home.
-   **medium**: Indicates a non-critical issue that should be investigated. No alert is sent.
-   **low**: Indicates a minor issue or a potential false positive. No alert is sent.
-   **none**: Indicates that no anomaly was detected.

### Known Issues Feed

The agent uses a `known_issues.json` file to provide the LLM with a list of known issues and their resolutions. This helps the LLM to avoid flagging resolved or expected issues as anomalies.

You can add new issues to the `known_issues.json` file by following the existing format. Each issue should have an "issue" and a "resolution" key. For example:

```json
[
    {
        "issue": "CPU temperature spikes to 80C under heavy load",
        "resolution": "This is normal behavior for this CPU model and is not a cause for concern."
    }
]
```

**Note on Mock Data:** The current version of the script uses mock data for system logs and network metrics. To use this in a real-world scenario, you would need to replace the mock data with actual data from your systems.