[Feature] <title>Daily AI-Powered System Health Report & Risk Detection

[anusha975]

Feature Request

Daily AI-Powered System Health Report & Risk Detection

Is your feature request related to a problem? Please describe

Yes. Currently, HertzBeat provides powerful monitoring and alerting, but it still requires significant manual effort to inspect system health daily.
O&M teams face alert fatigue, and many issues remain hidden until they trigger critical alerts. Without a proactive inspection workflow, users must manually review multiple monitors, trend graphs, and alerts to understand system health.

Describe the solution you'd like

Implement an Intelligent Inspection Workflow inside the hertzbeat-ai module that automates daily system health checks using LLMs.
The workflow should:

Automatically scan all monitors and active alerts (e.g., last 24 hours)

Collect trend data for abnormal monitors (CPU, memory, latency)

Perform correlation analysis to identify shared root causes

Generate a concise Markdown report summarizing:

Overall system health status

Critical risks and anomalies

Optimization suggestions

Provide a human-in-the-loop confirmation before any automated actions

The solution should be optimized for tokens using:

Funnel filtering (only abnormal monitors)

Statistical summarization (max, avg, trend)

Describe alternatives you've considered

Manual inspection: Users manually review metrics and alerts, which is time-consuming and error-prone.

Static rule-based reports: Predefined rules can generate reports, but they cannot handle complex correlations or unknown issues.

Raw time-series analysis without LLM: Requires heavy computing and cannot provide human-friendly explanations.

Full agent-based automation: Fully automated actions can be risky; human confirmation is required for safety.

Additional context

This feature is aimed at evolving HertzBeat into an AIOps platform.
It builds on the existing hertzbeat-ai module and leverages LLMs for correlation analysis, risk assessment, and reporting.
The design should prioritize token efficiency and user safety (manual confirmation for actions).
The generated report can be exported as Markdown or integrated into the dashboard as a daily summary.

[infosushant1]

Hi @anusha975 and maintainers 👋

I’d love to work on Issue #4025 (Daily AI-Powered System Health Report & Risk Detection).

Plan (initial MVP):

• Add a scheduled daily inspection workflow in hertzbeat-ai
• Fetch abnormal monitors + last 24h alerts
• Token-efficient summarization (max / avg / trend)
• LLM-based correlation & risk analysis via Spring AI + MCP
• Generate a Markdown daily health report
• Expose REST API + simple UI panel in the dashboard
• Add human-in-the-loop confirmation before any automated actions

I’ll start with:

1. a short design doc (architecture + API design)
2. a small initial PR (data collection + abnormal filtering only)

Feedback and guidance are very welcome 🙏

[anusha975]

hii
This is a very interesting feature and I’d love to contribute. Since this is a large enhancement, I’m happy to help with smaller parts such as:

Implementing abnormal monitor filtering logic

Writing utility methods for statistical summarization (max / avg / trend)

Adding Markdown report formatting

Writing tests for the inspection workflow

Please let me know if there’s a specific sub-task I can start with. Thank you!

[infosushant1]

Hi @anusha975, thanks for offering to help — really appreciate it!

Let’s start with abnormal monitor filtering logic + basic statistical summarization (max / avg / trend) as the first sub-task. These are core building blocks for the daily health report and easy to review in a small PR.

Suggested scope for the initial PR:

Add a utility/service to fetch last 24h monitor metrics

Implement abnormal filtering (configurable thresholds for CPU, memory, latency, etc.)

Add summarization helpers (max / avg / simple trend)

Unit tests for the above

I’ll draft a short design note for this part and open an initial PR for feedback.

If you have any preference on threshold definitions or existing utilities I should reuse, please let me know. Thanks again!

[anusha975]

Thanks for outlining the scope clearly.

I will start by drafting a short design note under:

docs/daily-health-report-phase1.md

The document will cover:

• Goal and scope of Phase 1
• Metric fetching strategy (last 24h)
• Abnormal threshold filtering design
• Basic statistical summarization (max / avg / simple trend)
• Proposed class structure and extension points

Once drafted, I’ll open a small PR for early feedback before moving to implementation.

Please let me know if there is any preferred package structure or existing utility I should align with.