{"id":49320287,"url":"https://github.com/ftsiadimos/logradarai","last_synced_at":"2026-04-26T17:04:22.111Z","repository":{"id":336119455,"uuid":"1147644636","full_name":"ftsiadimos/LogRadarAI","owner":"ftsiadimos","description":"A powerful log monitoring and analysis application that collects logs from Linux servers (via rsyslog) and Docker containers, analyzes them using local AI (Ollama), and sends intelligent alerts via Telegram.","archived":false,"fork":false,"pushed_at":"2026-03-26T03:29:50.000Z","size":1545,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-27T00:28:04.206Z","etag":null,"topics":["log","ollama","rsyslog","telegram"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/ftsiadimos.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-02-02T03:13:07.000Z","updated_at":"2026-03-26T03:29:53.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/ftsiadimos/LogRadarAI","commit_stats":null,"previous_names":["ftsiadimos/logradarai"],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/ftsiadimos/LogRadarAI","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ftsiadimos%2FLogRadarAI","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ftsiadimos%2FLogRadarAI/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ftsiadimos%2FLogRadarAI/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ftsiadimos%2FLogRadarAI/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/ftsiadimos","download_url":"https://codeload.github.com/ftsiadimos/LogRadarAI/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/ftsiadimos%2FLogRadarAI/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32305043,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-26T09:34:17.070Z","status":"ssl_error","status_checked_at":"2026-04-26T09:34:00.993Z","response_time":129,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["log","ollama","rsyslog","telegram"],"created_at":"2026-04-26T17:04:21.528Z","updated_at":"2026-04-26T17:04:22.090Z","avatar_url":"https://github.com/ftsiadimos.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ch1 align=\"center\"\u003e🛡️ LogRadarAI — LogAI Monitor\u003c/h1\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cstrong\u003eA powerful log monitoring and analysis application that collects logs from Linux servers (via rsyslog) and Docker containers, analyzes them using local AI (Ollama), and sends intelligent alerts via Telegram.\u003c/strong\u003e\u003cbr\u003e\n  Practical and easy to deploy and operate.  \n  \u003cstrong\u003eNote:\u003c/strong\u003e LogRadarAI focuses on **recent logs** for real-time analysis and alerting; it is *not* designed to provide a permanent log archive or long-term history.\n\u003c/p\u003e\n\n\u003cp align=\"center\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/python-3.9+-blue.svg\" alt=\"Python 3.9+\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/flask-2.x-green.svg\" alt=\"Flask 2.x\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/vue.js-3.x-brightgreen.svg\" alt=\"Vue.js 3\"\u003e\n  \u003cimg src=\"https://img.shields.io/badge/license-GPL--3.0-orange.svg\" alt=\"License GPL-3.0\"\u003e\n  \u003ca href=\"https://hub.docker.com/r/ftsiadimos/logradaraiq\"\u003e\u003cimg src=\"https://img.shields.io/docker/pulls/ftsiadimos/logradaraiq?style=flat-square\u0026logo=docker\" alt=\"Docker Pulls\"\u003e\u003c/a\u003e\n  \u003ca href=\"https://github.com/users/ftsiadimos/packages/container/package/logaimonitor\"\u003e\u003cimg src=\"https://img.shields.io/badge/ghcr.io-available-brightgreen.svg\" alt=\"GHCR Available\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n---\n\n## Table of Contents\n\n- [Features](#features)\n- [Architecture](#architecture)\n- [Quick Start](#quick-start)\n- [Docker Compose](#docker-compose)\n- [Manual Installation](#manual-installation)\n- [Configuration](#configuration)\n- [Usage](#usage)\n- [Troubleshooting](#troubleshooting)\n- [Contributing](#contributing)\n- [License](#license)\n\n---\n\n## 📸 Screenshots\n\n| Dark Theme | Lite Theme |\n| --- | --- |\n| \u003ca href=\"mis/image1.webp\" target=\"_blank\"\u003e\u003cimg src=\"mis/image1.webp\" width=\"420\" alt=\"Dashboard View\"\u003e\u003c/a\u003e | \u003ca href=\"mis/image.webp\" target=\"_blank\"\u003e\u003cimg src=\"mis/image.webp\" width=\"420\" alt=\"AI Troubleshooter modal\"\u003e\u003c/a\u003e |\n| *AI Analyzer* | *AI Analyzer* |\n\n---\n\n## Features\n\n- 📊 **Dashboard** - Real-time overview of log statistics and system health\n- 📝 **Log Collection** - Collect logs from rsyslog (UDP/TCP) and Docker containers\n- 🤖 **AI Analysis** - Analyze logs using local Ollama AI for intelligent insights\n- 🔔 **Smart Alerts** - Create filters to detect specific patterns and receive Telegram notifications\n- 🐳 **Docker Integration** - Auto-discover and monitor Docker container logs\n- 💬 **AI Chat** - Interactive chat assistant for log troubleshooting\n- 🎨 **Modern UI** - Clean, responsive interface inspired by oVirt/Foreman\n\n## Architecture\n\n```\n┌─────────────────┐     ┌─────────────────┐\n│  Linux Servers  │────▶│   Syslog UDP    │\n│   (rsyslog)     │     │   Port 5514     │\n└─────────────────┘     └────────┬────────┘\n                                 │\n┌─────────────────┐     ┌────────▼────────┐     ┌─────────────────┐\n│    Docker       │────▶│   LogAI         │────▶│     Redis       │\n│   Containers    │     │   Monitor       │     │   (Storage)     │\n└─────────────────┘     └────────┬────────┘     └─────────────────┘\n                                 │\n                        ┌────────▼────────┐     ┌─────────────────┐\n                        │   Ollama AI     │────▶│    Telegram     │\n                        │   (Analysis)    │     │   (Alerts)      │\n                        └─────────────────┘     └─────────────────┘\n```\n\n## Quick Start\n\n### Using Docker Compose (Recommended)\n\n1. Clone the repository:\n```bash\ngit clone https://github.com/yourusername/logaimonitor.git\ncd logaimonitor\n```\n\n2. Copy the example Compose file and edit it (or use the web UI later to change settings):\n```bash\ncp docker-compose.example.yml docker-compose.yml\n# Edit `docker-compose.yml` to set required environment variables (e.g. SECRET_KEY, OLLAMA_HOST, TELEGRAM_BOT_TOKEN, TELEGRAM_CHAT_ID),\n# or leave them as defaults and change them later via the web UI in Settings.\n```\n\n3. Start the application:\n```bash\n# Using Docker Compose v2\ndocker compose up -d\n```\n\u003e ⚠️ **Default Credentials:**  \n\u003e **Username:** `admin` / **Password:** `admin`  \n\u003e **Important:** For security, change these credentials after your first login!\n\n4. Access the web interface at `http://localhost:5059`\n\n### Manual Installation\n\n1. Install dependencies:\n```bash\npip install -r requirements.txt\n```\n\n2. Start Redis:\n```bash\ndocker run -d --name redis -p 6379:6379 redis:7-alpine\n```\n\n3. Install and start Ollama:\n```bash\n# Install Ollama\ncurl -fsSL https://ollama.ai/install.sh | sh\n\n# Pull a model\nollama pull llama3.2\n\n# Start Ollama server\nollama serve\n```\n\n4. Run the application:\n```bash\npython app.py\n```\n\n## Configuration\n\n### Environment Variables\n\n| Variable | Description | Default |\n|----------|-------------|---------|\n| `SECRET_KEY` | Flask secret key | `change-this` |\n| `REDIS_HOST` | Redis hostname | `localhost` |\n| `REDIS_PORT` | Redis port | `6379` |\n| `OLLAMA_HOST` | Ollama API URL | `http://localhost:11434` |\n| `OLLAMA_MODEL` | Ollama model name | `llama3.2` |\n| `TELEGRAM_BOT_TOKEN` | Telegram bot token | - |\n| `TELEGRAM_CHAT_ID` | Telegram chat ID | - |\n| `LOG_RETENTION_HOURS` | Log retention period (only recent logs are kept; not a full history) | `2` (2 hours) |\n| `ANALYSIS_INTERVAL_SECONDS` | Auto-analysis interval | `300` |\n\n### Configuring Rsyslog\n\nOn your Linux servers, add this configuration to `/etc/rsyslog.d/99-logaimonitor.conf`:\n\n```bash\n# Forward all logs via UDP\n*.* @logaimonitor-host:5514\n\n# Or via TCP (more reliable)\n*.* @@logaimonitor-host:5515\n```\n\nThen restart rsyslog:\n```bash\nsudo systemctl restart rsyslog\n```\n\n#### Forward Specific Logs Only\n\nIf you only want to forward certain log types:\n\n```bash\n# Only auth/security logs\nauth,authpriv.* @logaimonitor-host:5514\n\n# Only errors and above\n*.err @logaimonitor-host:5514\n\n# Kernel messages\nkern.* @logaimonitor-host:5514\n```\n\n#### Test with logger command\n\nSend a test log immediately:\n```bash\nlogger -n logaimonitor-host -P 5514 -d \"Test message from server\"\n```\n\n### Collecting Docker Logs from External Hosts\n\nFor Docker containers running on **external/remote hosts**, you have several options:\n\n#### Option 1: Docker Syslog Logging Driver (Recommended)\n\nOn the **remote Docker host**, configure containers to send logs via syslog:\n\n```bash\n# Run containers with syslog driver\ndocker run -d \\\n  --log-driver=syslog \\\n  --log-opt syslog-address=udp://logaimonitor-host:5514 \\\n  --log-opt tag=\"{{.Name}}\" \\\n  your-image\n```\n\nOr set as the default for all containers in `/etc/docker/daemon.json`:\n```json\n{\n  \"log-driver\": \"syslog\",\n  \"log-opts\": {\n    \"syslog-address\": \"udp://logaimonitor-host:5514\",\n    \"tag\": \"{{.Name}}\"\n  }\n}\n```\n\nThen restart Docker:\n```bash\nsudo systemctl restart docker\n```\n\n#### Option 2: Expose Docker Remote API\n\nOn the **remote host**, edit `/etc/docker/daemon.json`:\n```json\n{\n  \"hosts\": [\"unix:///var/run/docker.sock\", \"tcp://0.0.0.0:2375\"]\n}\n```\n\nThen on LogAI Monitor, set the environment variable:\n```bash\nDOCKER_SOCKET=tcp://remote-host:2375\n```\n\n⚠️ **Warning**: This exposes Docker without authentication. Use TLS certificates for production or restrict with firewall rules.\n\n#### Option 3: Forward via rsyslog on Remote Host\n\nInstall rsyslog on the remote Docker host and configure journald forwarding:\n\n```bash\n# /etc/rsyslog.d/99-docker-forward.conf\nmodule(load=\"imjournal\")\n:programname, startswith, \"docker\" @logaimonitor-host:5514\n```\n\n\u003e **Recommendation**: Option 1 (syslog driver) is the easiest and most secure - no extra configuration on LogAI Monitor needed, logs appear as syslog entries.\n\n### Setting up Telegram Notifications\n\n1. Create a bot with [@BotFather](https://t.me/BotFather) on Telegram\n2. Copy the bot token\n3. Send a message to your bot\n4. Get your chat ID from `https://api.telegram.org/bot\u003cTOKEN\u003e/getUpdates`\n5. Configure in Settings or via environment variables\n\n## Usage\n\n### Creating Filters\n\nFilters allow you to monitor specific log patterns:\n\n1. Go to **Filters** in the sidebar\n2. Click **Create Filter**\n3. Configure conditions:\n   - **Severity**: Match specific severity levels\n   - **Source Contains**: Match logs from specific sources\n   - **Message Contains**: Match logs containing specific text\n   - **Message Regex**: Advanced pattern matching\n4. Enable Telegram notification if desired\n5. Save the filter\n\n### AI Analysis\n\n1. Go to **AI Analysis** in the sidebar\n2. Click **Analyze Recent Logs** for batch analysis\n3. Use the **Chat Assistant** to ask questions about your logs\n4. Click on any log entry and use **Analyze with AI** for detailed analysis\n\n### Viewing Docker Logs\n\n1. Go to **Docker Containers** in the sidebar\n2. View all running containers\n3. Click **Logs** to view container logs\n4. Logs are automatically collected and analyzed\n\n## API Reference\n\n### Logs\n\n- `GET /api/logs` - Get logs with filtering\n- `GET /api/logs/\u003cid\u003e` - Get single log\n- `POST /api/logs/ingest` - Ingest log via HTTP\n\n### Filters\n\n- `GET /api/filters` - List all filters\n- `POST /api/filters` - Create filter\n- `PUT /api/filters/\u003cid\u003e` - Update filter\n- `DELETE /api/filters/\u003cid\u003e` - Delete filter\n\n### Alerts\n\n- `GET /api/alerts` - List alerts\n- `POST /api/alerts/\u003cid\u003e/acknowledge` - Acknowledge alert\n\n### AI\n\n- `GET /api/ollama/status` - Check Ollama status\n- `POST /api/ollama/analyze` - Analyze logs\n- `POST /api/ollama/chat` - Chat with AI\n\n### Settings\n\n- `GET /api/settings` - Get settings\n- `POST /api/settings` - Save settings\n- `POST /api/telegram/test` - Test Telegram connection\n\n## Ports\n\n| Port | Protocol | Description |\n|------|----------|-------------|\n| 5059 | TCP | Web interface |\n| 5514 | UDP | Syslog (UDP) |\n| 5515 | TCP | Syslog (TCP) |\n\n## Tech Stack\n\n- **Backend**: Python, Flask, Flask-SocketIO\n- **Storage**: Redis\n- **AI**: Ollama (local LLM)\n- **Notifications**: Telegram Bot API\n- **Frontend**: HTML, CSS, JavaScript\n- **Deployment**: Docker, Docker Compose\n\n## Troubleshooting\n\n### Logs not appearing\n\n1. Check rsyslog configuration on source servers\n2. Verify network connectivity (ports 5514/5515)\n3. Check firewall rules\n4. View LogAI Monitor logs: `docker-compose logs -f logaimonitor`\n\n### Ollama not working\n\n1. Verify Ollama is running: `curl http://localhost:11434/api/tags`\n2. Check the model is pulled: `ollama list`\n3. Verify `OLLAMA_HOST` environment variable\n\n### Telegram not sending messages\n\n1. Verify bot token is correct\n2. Check chat ID (must start a conversation with bot first)\n3. Use \"Test Connection\" in Settings\n\n## Contributing\n\nContributions are welcome! Please read our contributing guidelines and submit pull requests.\n\n## License\n\nGPL-3.0 License - see LICENSE file for details.\n\nCopyright (C) 2026 Fotios Tsiadimos\n\n## Acknowledgments\n\n- [Ollama](https://ollama.ai) - Local AI inference\n- [Flask](https://flask.palletsprojects.com/) - Web framework\n- [Redis](https://redis.io/) - In-memory data store\n| [Font Awesome](https://fontawesome.com/) - Icons (local copy stored in `static/vendor/fontawesome` to avoid CDN dependency) (served locally from `static/vendor/fontawesome`)\n- [Socket.IO](https://socket.io/) - realtime client library (served locally from `static/vendor/socket.io`)\n\n\n### Offline / CDN-free operation\n\nBy default the app avoids external CSS/JS fetches; templates reference\nbundled files under `static/vendor`. You should populate those\nlocations with the appropriate minified assets (grab them from the\ncorresponding CDN URLs or via package manager). With the files in place,\nthe UI loads instantly even when the server has no network access.\n\nYou must also include the **webfont files** that Font Awesome needs. The\nCSS in `static/vendor/fontawesome/css/all.min.css` references fonts under\n`../webfonts/`, so create that directory and populate it with the\ncorresponding `*.woff2`, `*.ttf`, etc. files from a Font Awesome release\narchive. Without the fonts the icons will show up as blank or square\nboxes.","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fftsiadimos%2Flogradarai","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fftsiadimos%2Flogradarai","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fftsiadimos%2Flogradarai/lists"}