npm - @misterhuydo/sentinel - Versions diffs - 1.2.6 → 1.2.7 - Mend

@misterhuydo/sentinel 1.2.6 → 1.2.7

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (4) hide show

package/.cairn/.hint-lock +1 -1
package/.cairn/session.json +2 -2
package/package.json +1 -1
package/python/sentinel/sentinel_boss.py +151 -5

package/.cairn/.hint-lock CHANGED Viewed

	@@ -1 +1 @@
1	- 2026-03-23T11:11:25.~~885Z~~
1	+ 2026-03-23T11:43:23.881Z

package/.cairn/session.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
-  "message": "Auto-checkpoint at 2026-03-23T11:34:06.855Z",
-  "checkpoint_at": "2026-03-23T11:34:06.857Z",
+  "message": "Auto-checkpoint at 2026-03-23T11:40:37.793Z",
+  "checkpoint_at": "2026-03-23T11:40:37.794Z",
   "active_files": [],
   "notes": [],
   "mtime_snapshot": {}

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@misterhuydo/sentinel",
-  "version": "1.2.6",
+  "version": "1.2.7",
   "description": "Sentinel — Autonomous DevOps Agent installer and manager",
   "bin": {
     "sentinel": "./bin/sentinel.js"

package/python/sentinel/sentinel_boss.py CHANGED Viewed

@@ -240,6 +240,29 @@ When to act vs. when to ask:
 - If a tool call will take a moment (search, fetch, pull), prefix your reply with a brief "working" line ending in "..." before the results, e.g. "Searching SSOLWA for TryDig activity..." then the actual output.
   Never just say a working line and stop — always follow it with the results in the same message.
+Search reasoning — always do this before calling filter_logs or search_logs:
+1. Interpret intent: what is the user actually looking for? Don't pass the raw message as the query.
+   Examples:
+   - "TryDig errors" → query="TryDig" (component name; look for it in any context)
+   - "payment failures last hour" → query="pay|payment|transaction", since_hours=1
+   - "why is the app crashing" → query="Exception|Error|FAILED|crash", look for stack traces
+   - "login issues today" → query="login|auth|401|403|session", since_hours=24
+   - "slow requests" → query="timeout|slow|latency|took [0-9]+ms|duration"
+   - "startup problems" → query="APPLICATION FAILED|BeanCreation|NoSuchMethod|ClassNotFound"
+   Use | in the regex to cover synonyms and related terms. Keep it focused — not too broad.
+2. Choose since_hours if a time window is implied ("last hour", "today", "this morning").
+3. Pick source if the user mentioned a specific service (SSOLWA, STS, etc.) or server.
+After getting filter_logs results, always synthesize — never dump raw output:
+- Lead with 1-2 sentences: total count, affected sources, dominant pattern.
+  e.g. "Found 47 matches across SSOLWA and STS — mostly NullPointerException in DigService (31 hits)."
+- List the top 3-5 patterns with counts in plain language.
+- Call out any notable time clustering (e.g. "spike between 10:23–10:47 UTC").
+- Show 2-3 example lines at most — only the most informative ones.
+- End with a recommendation if the pattern suggests something actionable:
+  e.g. "Looks like a dependency resolution issue — create an issue?" or "Pattern consistent with a null config value at startup."
+- If total_matches=0, say so plainly and suggest what else to try.
 Session context — critical rules:
 - Loaded conversation history is prior-session background only. It may be hours or days old.
 - NEVER say "the previous search", "I already fetched", "as I found earlier", or any phrase implying you already did part of the current task — unless a tool result appears in THIS response's tool calls.
@@ -1341,11 +1364,29 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
     if name == "filter_logs":
         import re as _re
+        from collections import Counter as _Counter
         from datetime import datetime, timedelta, timezone as _tz
+        # Extract a short grouping key from a log line for pattern analysis
+        _EXC_PAT  = _re.compile(r'([A-Z][a-zA-Z]+(?:Exception|Error|Failure|Fault|Warning))')
+        _LVL_PAT  = _re.compile(r'\b(ERROR|WARN(?:ING)?|CRITICAL|FATAL|SEVERE)\b', _re.IGNORECASE)
+        def _signature(line):
+            exc = _EXC_PAT.search(line)
+            if exc:
+                return exc.group(1)
+            m = _LVL_PAT.search(line)
+            if m:
+                after = line[m.end():].strip()
+                token = after.split()[0].rstrip(':.,') if after.split() else ''
+                if token and len(token) > 2:
+                    return m.group(1).upper() + ' ' + token[:40]
+            return line.strip()[:40]
         query_f      = inputs.get("query", "")
         source_f     = inputs.get("source", "").lower()
         since_hours  = inputs.get("since_hours")
-        max_matches  = int(inputs.get("max_matches", 50))
+        max_matches  = int(inputs.get("max_matches", 300))
         case_flag    = 0 if inputs.get("case_sensitive") else _re.IGNORECASE
         try:
             pat = _re.compile(query_f, case_flag)
@@ -1416,12 +1457,117 @@ async def _run_tool(name: str, inputs: dict, cfg_loader, store, slack_client=Non
                 "note": "No matches found in synced logs.",
             })
+        try:
+            pat = _re.compile(query_f, case_flag)
+        except _re.error as e:
+            return json.dumps({"error": f"Invalid regex: {e}"})
+        synced_base = Path("workspace/synced")
+        if not synced_base.exists():
+            return json.dumps({
+                "error": "No synced logs found.",
+                "hint": "Log sync runs every SYNC_INTERVAL_SECONDS (default 300s). "
+                        "If just started, wait a minute then try again.",
+            })
+        cutoff = None
+        if since_hours:
+            cutoff = datetime.now(_tz.utc) - timedelta(hours=int(since_hours))
+        if source_f:
+            src_dirs = [d for d in sorted(synced_base.iterdir())
+                        if d.is_dir() and source_f in d.name.lower()]
+        else:
+            src_dirs = [d for d in sorted(synced_base.iterdir()) if d.is_dir()]
+        if not src_dirs:
+            available = [d.name for d in synced_base.iterdir() if d.is_dir()]
+            return json.dumps({
+                "error": f"No synced source matching '{source_f}'",
+                "available_sources": available,
+            })
+        all_matches = []   # list of (source_name, line)
+        sources_hit = set()
+        for src_dir in src_dirs:
+            for log_file in sorted(src_dir.glob("*")):
+                try:
+                    lines = log_file.read_text(encoding="utf-8", errors="replace").splitlines()
+                    for line in lines:
+                        if not pat.search(line):
+                            continue
+                        if cutoff:
+                            from .log_fetcher import _parse_line_ts
+                            ts = _parse_line_ts(line)
+                            if ts and ts < cutoff:
+                                continue
+                        all_matches.append((src_dir.name, line[:300]))
+                        sources_hit.add(src_dir.name)
+                        if len(all_matches) >= max_matches:
+                            break
+                except Exception:
+                    pass
+            if len(all_matches) >= max_matches:
+                break
+        total = len(all_matches)
+        if total == 0:
+            return json.dumps({
+                "query": query_f,
+                "total_matches": 0,
+                "sources_searched": [d.name for d in src_dirs],
+                "note": "No matches found in synced logs.",
+            })
+        # Pattern grouping: count occurrences of each error signature
+        sig_counter = _Counter()
+        sig_examples = {}
+        for src, line in all_matches:
+            sig = _signature(line)
+            sig_counter[sig] += 1
+            if sig not in sig_examples:
+                sig_examples[sig] = f"[{src}] {line}"
+        top_patterns = [
+            {"pattern": sig, "count": cnt, "example": sig_examples[sig][:250]}
+            for sig, cnt in sig_counter.most_common(10)
+        ]
+        # Sample: first unique-signature line from each source
+        sample_lines = []
+        seen_sigs = set()
+        for src, line in all_matches:
+            sig = _signature(line)
+            if sig not in seen_sigs:
+                sample_lines.append(f"[{src}] {line}")
+                seen_sigs.add(sig)
+            if len(sample_lines) >= 10:
+                break
+        # Time span
+        time_span = {}
+        try:
+            from .log_fetcher import _parse_line_ts
+            timestamps = [_parse_line_ts(ln) for _, ln in all_matches]
+            timestamps = [t for t in timestamps if t]
+            if timestamps:
+                time_span = {
+                    "earliest": min(timestamps).strftime("%Y-%m-%d %H:%M:%S UTC"),
+                    "latest":   max(timestamps).strftime("%Y-%m-%d %H:%M:%S UTC"),
+                }
+        except Exception:
+            pass
         return json.dumps({
-            "query": query_f,
-            "mode": "local",
-            "total_matches": total_matches,
+            "query":            query_f,
+            "total_matches":    total,
+            "sources_hit":      sorted(sources_hit),
             "sources_searched": [d.name for d in src_dirs],
-            "results": results,
+            "top_patterns":     top_patterns,
+            "sample_lines":     sample_lines,
+            "time_span":        time_span,
+            "capped":           total >= max_matches,
         })
     if name == "trigger_poll":