Roadmap
Planned features, enhancements, and integrations for
log-intelligence-engine.
| Feature | Status |
|---|---|
| Multi-file log ingestion | ✅ Complete |
| Regex-based log parsing | ✅ Complete |
| Severity classification | ✅ Complete |
| Keyword-based classification | ✅ Complete |
| Error & warning rate analysis | ✅ Complete |
| Health status scoring | ✅ Complete |
| Structured JSON report generation | ✅ Complete |
| Config-driven architecture | ✅ Complete |
Replace batch file processing with real-time log tailing — monitor live log files as entries are written using Python's watchdog library.

```python
from watchdog.observers import Observer
from watchdog.events import FileSystemEventHandler
```

Pull log files directly from AWS S3 buckets instead of requiring local file placement — enabling cloud-native log analysis workflows.

```python
import boto3
s3 = boto3.client('s3')
s3.download_file('your-bucket', 'logs/app.log', 'logs/input/app.log')
```

Enhance timestamp extraction to support a wider range of log timestamp formats using python-dateutil — enabling time-based filtering and chronological analysis.
Include parse rate percentage in the intelligence report summary — making it easy to identify log sources that need regex pattern updates.
Implement time-window based anomaly detection — identify sudden spikes in error rates within a configurable time window rather than just overall file rates.
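
One way to do the time-window detection described above, as an added example that is not code from log-intelligence-engine: a trailing window over parsed entries flags a burst that the whole-file error rate hides. The log line format, the function names (`parse_line`, `find_spikes`, `overall_error_rate`) and the thresholds are assumptions, and the sample lines are constructed.

```python
from collections import deque
from datetime import datetime, timedelta

# Constructed sample (not project data): one INFO every 2 minutes, a
# 4-error burst at 10:15, and one unparseable line.
SAMPLE = [f"2024-05-01 10:{m:02d}:00 INFO request ok" for m in range(0, 30, 2)]
SAMPLE += [f"2024-05-01 10:15:{s:02d} ERROR db timeout" for s in (10, 20, 30, 40)]
SAMPLE = sorted(SAMPLE) + ["not a log line"]

def parse_line(line):
    """Assumed format 'YYYY-MM-DD HH:MM:SS LEVEL message'; None if no match."""
    parts = line.split(" ", 3)
    if len(parts) < 3:
        return None
    try:
        ts = datetime.strptime(f"{parts[0]} {parts[1]}", "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None
    return ts, parts[2]

def overall_error_rate(lines):
    """Whole-file error rate over the lines that parsed."""
    levels = [p[1] for p in map(parse_line, lines) if p]
    return levels.count("ERROR") / len(levels) if levels else 0.0

def find_spikes(lines, window=timedelta(seconds=60), threshold=0.5, min_events=4):
    """Return (timestamp, error_rate, events_in_window) for each entry whose
    trailing window meets the threshold. Input must be in chronological order."""
    recent = deque()  # (timestamp, is_error) pairs still inside the window
    errors = 0
    spikes = []
    for parsed in map(parse_line, lines):
        if parsed is None:
            continue  # unparsed lines are skipped, not counted as healthy
        ts, level = parsed
        recent.append((ts, level == "ERROR"))
        errors += level == "ERROR"
        while ts - recent[0][0] > window:  # evict entries older than the window
            errors -= recent.popleft()[1]
        rate = errors / len(recent)
        # min_events keeps a single error on a quiet log from reading as 100%
        if len(recent) >= min_events and rate >= threshold:
            spikes.append((ts, round(rate, 2), len(recent)))
    return spikes

if __name__ == "__main__":
    print(f"overall error rate: {overall_error_rate(SAMPLE):.0%}")
    for ts, rate, n in find_spikes(SAMPLE):
        print(f"spike at {ts}: {rate:.0%} errors over {n} events")
```
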
Ship intelligence report data directly to AWS CloudWatch Logs — enabling centralized storage, querying, and alerting on log analysis results.
Identify the most frequently occurring error and warning messages — surfacing the highest-impact issues rather than just the most recent ones.
Extend parsing to natively support additional log formats:
- JSON structured logs
- CSV log exports
- Windows Event Log exports
- Kubernetes pod logs
Export intelligence report data in a format consumable by Power BI — enabling executive-level log health dashboards with trend visualization across multiple runs and log sources. Part of the broader observability-dashboard portfolio project.
Expose a lightweight Flask API so intelligence reports can be queried programmatically by external systems:

```
GET /api/report/latest
GET /api/report/summary
GET /api/health/{filename}
```

Ingest structured JSON logs produced by cloud-telemetry-agent directly — creating a closed-loop observability pipeline where telemetry agent logs are automatically analyzed for anomalies.
Full pytest test suite covering:
- Parse rate accuracy across log formats
- Classification correctness for all severity levels
- Health status scoring logic
- Report structure validation
- Config parsing edge cases

| Integration | Target Repo | Status |
|---|---|---|
| Cloud Telemetry Agent | cloud-telemetry-agent | 🔲 Planned |
| Synthetic Uptime Monitor | synthetic-uptime-monitor | 🔲 Planned |
| Incident Alert Pipeline | incident-alert-pipeline | 🔲 Planned |
| Observability Dashboard | observability-dashboard | 🔲 Planned |

This engine is one component of a larger CloudOps observability ecosystem. Each portfolio repository is designed to integrate with the others — forming a complete, production-grade monitoring platform.