A LangGraph-based agent that helps analyze logs, identify issues, suggest solutions, and reference relevant documentation.
- Smart Log Analysis: Identifies errors, warnings, and patterns with actionable recommendations
- Automatic Streaming: Handles large logs (>10MB) with memory-efficient chunk processing
- Specialized Analyzers: Domain-specific analysis for:
- HDFS/Hadoop logs (block corruption, replication, namenode/datanode issues)
- Security logs (authentication failures, intrusion attempts, threats)
- Application logs (HTTP errors, exceptions, performance issues)
- High Reliability:
- Circuit breaker prevents cascading failures
- Rate limiting protects API quotas
- Automatic retries with exponential backoff
- Dual Model Architecture:
- Gemini 2.5 Flash: Primary model for analyzing large log files (via Google AI API)
- Kimi K2: Orchestration model for managing agent tasks (via Groq API)
- Performance Optimizations:
- Result caching for repeated analyses
- Parallel chunk processing for large files
- 5x faster than single-pass analysis
- Interactive Mode: Requests clarification when needed
- Documentation Search: Integrates with Tavily for up-to-date solutions
- OAuth Authentication: Sign in with Google for seamless access
- Python 3.11+
- API Keys:
- Google AI API key (for Gemini 2.5 Flash)
- Groq API key (for Kimi K2)
- Tavily API key (for documentation search)
- (Optional) LangChain API key for LangSmith tracing
- Clone this repository
- Install the package in editable mode:
pip install -e . - Create a
.envfile based on.env.example:cp .env.example .env
- Add your API keys to
.env:GEMINI_API_KEY=your_gemini_api_key_here GROQ_API_KEY=your_groq_api_key_here TAVILY_API_KEY=your_tavily_api_key_here LANGCHAIN_API_KEY=your_langchain_api_key_here # Optional
docker-compose up# Start the backend API server
uv run main.py
# In another terminal, start the frontend
cd frontend
bun run startThat's it! The API runs on http://localhost:8000 and the frontend on http://localhost:3000
Once the server is running, visit http://localhost:8000/docs for interactive API documentation.
Run the test script to verify everything is working:
python test_setup.pyfrom src.log_analyzer_agent import graph, InputState
# Prepare your log content
log_content = """
2023-08-15T14:25:12.345Z ERROR [app.main] Failed to connect to database: Connection refused
2023-08-15T14:25:14.123Z FATAL [app.main] Application startup failed: Database connection error
"""
# Optional environment details
environment_details = {
"software": "MyApp v1.2.3",
"database": "PostgreSQL 14.5",
"runtime": "Python 3.9 on Ubuntu 22.04"
}
# Create input state
input_state = {
"log_content": log_content,
"environment_details": environment_details
}
# Run the graph
config = {
"configurable": {
"primary_model": "gemini:gemini-2.5-flash",
"orchestrator_model": "kimi:k2"
}
}
# Get results
result = graph.invoke(input_state, config)
print(result["analysis_result"]).
├── src/log_analyzer_agent/ # Main agent code
│ ├── api/ # API endpoints
│ ├── nodes/ # Graph nodes
│ │ ├── analysis.py # Log analysis node
│ │ ├── user_input.py # User interaction node
│ │ └── validation.py # Validation node
│ ├── services/ # Service layer
│ ├── graph.py # LangGraph state machine
│ ├── state.py # State definitions
│ ├── tools.py # Agent tools
│ ├── configuration.py # Configuration
│ ├── prompts.py # Prompt templates
│ └── utils.py # Utilities
├── evaluation/ # Evaluation framework
│ ├── benchmark/ # Benchmarking tools
│ ├── configurations/ # Test configurations
│ ├── evaluators/ # Custom evaluators
│ └── scripts/ # Evaluation scripts
├── tests/ # Unit tests
├── docs/ # Documentation
├── frontend/ # Web UI (React)
└── main.py # CLI entry point
# Run all tests
python -m pytest tests/
# Run specific test
python -m pytest tests/test_system.py# Run evaluation with LangSmith
python evaluation/scripts/evaluate_simple.py
# Run demo evaluation (no API calls)
python evaluation/scripts/evaluate_simple_demo.py- Use type hints for all function parameters and returns
- Follow relative imports within the package
- Add docstrings to all functions and classes
- Use async/await for node implementations
Add new tools in src/log_analyzer_agent/tools.py:
@tool
async def my_new_tool(
params: Dict[str, Any],
*,
state: Annotated[State, InjectedState],
) -> str:
"""Description of what this tool does.
Args:
params: Parameters for the tool
Returns:
Tool result
"""
# Tool implementation
return "Result"Modify the prompt templates in src/log_analyzer_agent/prompts.py to adjust agent behavior.
This project uses GitHub Actions for continuous integration and deployment verification:
- Docker Build: Automatically builds and tests Docker images on every push
- Deploy Verification: Validates LangGraph configuration and deployment readiness
- Test Suite: Runs unit and integration tests across Python 3.9, 3.10, and 3.11
-
Add the following secrets to your repository (Settings → Secrets → Actions):
GEMINI_API_KEYGROQ_API_KEYTAVILY_API_KEYLANGCHAIN_API_KEY(optional, for deployment)
-
Push to trigger workflows:
git add .github/workflows/ git commit -m "Add GitHub Actions workflows" git push -
Monitor workflow runs in the Actions tab of your repository
- Verify Secrets: Run manually to check if all secrets are configured correctly
gh workflow run verify-secrets.yml
-
ImportError: attempted relative import with no known parent package
- Solution: Install package with
pip install -e .
- Solution: Install package with
-
Module not found errors
- Ensure
src/__init__.pyexists - Package must be installed in editable mode
- Ensure
-
API Key errors
- All three API keys are required: GEMINI_API_KEY, GROQ_API_KEY, TAVILY_API_KEY
- Copy
.env.exampleto.envand add your keys
-
GitHub Actions failures
- Check the Actions tab for detailed logs
- Run the verify-secrets workflow to ensure all secrets are set
- Review
.github/workflows/README.mdfor troubleshooting tips
MIT