What's new

Utilize the robot to assist in analyzing router logs.

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

aru

Regular Contributor
I've discovered another interesting application: enlisting the robot's help to analysis logs for abnormalities. Friends who are interested can give it a try.

Upon entering http://router.asus.com/user19.asp in the browser, the displayed results are as follows:

Question:​

Please analyze whether the following log content has any issues:

Messages Log Content:​

ted
Mar 25 09:30:14 GT-AX6000-0FC8 hostapd: eth7: STA 8a:3b:8c:ef:75:c2 RADIUS: starting accounting session 07A303C67E996661
Mar 25 09:30:14 GT-AX6000-0FC8 hostapd: eth7: STA 8a:3b:8c:ef:75:c2 WPA: pairwise key handshake completed (RSN)
Mar 25 09:44:35 GT-AX6000-0FC8 hostapd: eth6: STA f0:2f:74:8f:93:81 WPA: group key handshake completed (RSN)
Mar 25 09:44:35 GT-AX6000-0FC8 hostapd: eth6: STA f0:2f:74:fd:65:11 WPA: group key handshake completed (RSN)
Mar 25 09:44:35 GT-AX6000-0FC8 hostapd: eth6: STA 10:5a:17:e5:63:60 WPA: group key handshake completed (RSN)
Mar 25 09:44:35 GT-AX6000-0FC8 hostapd: eth6: STA 1c:90:ff:e7:38:24 WPA: group key handshake completed (RSN)
Mar 25 09:44:39 GT-AX6000-0FC8 hostapd: eth7: STA f0:2f:74:fd:65:18 WPA: group key handshake completed (RSN)
Mar 25 09:44:39 GT-AX6000-0FC8 hostapd: eth7: STA f0:2f:74:8f:93:88 WPA: group key handshake completed (RSN)
Mar 25 09:44:39 GT-AX6000-0FC8 hostapd: eth7: STA 8a:3b:8c:ef:75:c2 WPA: group key handshake completed (RSN)

GenAI Analysis Result:​

There are no significant issues in the provided log content. The logs show successful RADIUS accounting session initiation, WPA pairwise and group key handshake completions for multiple stations on different interfaces (eth6 and eth7). These events indicate normal Wi-Fi client connection and authentication processes.

The following software packages are pre-installed in cmdline:

Python app
#opkg install python3
#opkg install python3-pip
#pip install google-generativeai

Get API key from https://aistudio.google.com/app/apikey

1711332792551.png



Create the directory /jffs/addons/myaddon and the script user19.py inside:

#mkdir /jffs/addons/myaddon
#nano -w /jffs/addons/myaddon/user19.py

Please paste the following script:

Code:
#!/tmp/mnt/usbkey/entware/bin/python

import os
import requests
import google.generativeai as genai


# Read the latest 10000 characters of the message log
log_file_path = '/mnt/usbkey/entware/var/log/messages'
num_chars = 10000


with open(log_file_path, 'r') as file:
    file.seek(0, os.SEEK_END)  # Move to the end of the file
    end_position = file.tell()
    start_position = max(0, end_position - num_chars)  # Ensure not to exceed the file's range
    file.seek(start_position)
    log_content = file.read()


# Use Google's Generative AI for analysis
api_key = 'Your API key'  # Replace this with your API key
genai.configure(api_key=api_key)


model = genai.GenerativeModel('gemini-pro')


# First, ask a question
question = 'Please analyze whether the following log content has any issues:'
response = model.generate_content(question + '\n' + log_content)
genai_result = response.text


# Save the log content and analysis result to a file
output_file_path = '/tmp/var/wwwext/user19.asp'
with open(output_file_path, 'w') as output_file:
    output_file.write('<html><body>')
    output_file.write('<h2>Question:</h2>')
    output_file.write('<pre>{}</pre>'.format(question))
    output_file.write('<h2>Messages Log Content:</h2>')
    output_file.write('<pre>{}</pre>'.format(log_content))
    output_file.write('<h2>GenAI Analysis Result:</h2>')
    output_file.write('<pre>{}</pre>'.format(genai_result))
    output_file.write('</body></html>')


print('Question, Log content, and GenAI analysis result saved to', output_file_path)


You may need to manually adjust the following user19.py script as indicated in red according to your router environment:

#!/tmp/mnt/usbkey/entware/bin/python
.
api_key = 'Your API key' # Replace this with your API key
.
mymap.save("/tmp/var/wwwext/user19.asp")

Change the file permissions of user19.py to make it executable.

#chmod 775 /jffs/addons/myaddon/user19.py

Then, execute the /jffs/addons/myaddon/user19.py file in cmdline. The output will be as follows:

1711332307909.png



How to mount your own webpage onto the router menu steps as below:

Edit the /tmp/menuTree.js file

#nano -w /tmp/menuTree.js

Search for the following crucial keywords highlighted in red. You'll notice that all other addon menus are uniformly integrated here (as indicated in blue).
{
menuName: "Addons",
index: "menu_Addons",
tab: [
{url: "user20.asp", tabName: "Skynet-Maps"},
{url: "user2.asp", tabName: "Unbound"},
{url: "user3.asp", tabName: "dn-vnstat"},
{url: "user4.asp", tabName: "connmon"},
{url: "user5.asp", tabName: "ntpMerlin"},
{url: "user7.asp", tabName: "scMerlin"},

{url: "javascript:var helpwindow=window.open('/ext/shared-jy/redirect.htm','_bl>
{url: "user8.asp", tabName: "Sitemap"},
{url: "NULL", tabName: "__INHERIT__"}
]
}

You simply need to insert your own link in a single line (as shown in green).

{
menuName: "Addons",
index: "menu_Addons",
tab: [
{url: "user19.asp", tabName: "AI analyzes log"},
{url: "user20.asp", tabName: "Skynet-Maps"},
{url: "user2.asp", tabName: "Unbound"},
{url: "user3.asp", tabName: "dn-vnstat"},
{url: "user4.asp", tabName: "connmon"},
{url: "user5.asp", tabName: "ntpMerlin"},
{url: "user7.asp", tabName: "scMerlin"},
{url: "javascript:var helpwindow=window.open('/ext/shared-jy/redirect.htm','_bl>
{url: "user8.asp", tabName: "Sitemap"},
{url: "NULL", tabName: "__INHERIT__"}
]
}

After editing, simply remount the menu using the following cmdline to complete the process.

#umount /www/require/modules/menuTree.js && mount -o bind /tmp/menuTree.js /www/require/modules/menuTree.js


Done!

1711332615143.png



Note: I am currently unable to confirm whether Google Generative AI has free query restrictions. This may depend on the specific API you are using, as well as the quotas and usage associated with your API key. It is recommended to consult the official documentation of Google Generative AI or contact the Google support team for detailed information and restrictions regarding the API. Typically, major AI service providers may implement some form of quotas or restrictions to manage usage and resource allocation.
 
Last edited:
You're giving your network configuration details to Google.

Don't.
 
You're giving your network configuration details to Google.

Don't.

The system logs should only contain IP addresses, device MAC addresses, and other relevant service execution statuses, and should not include user account passwords or configuration files. If privacy concerns arise, it is advisable to focus more on features that provide all network activities to the manufacturer, such as DDNS, remote connection (ASUS Router APP, Lyra APP, AiCloud, AiDisk), AiProtection, traffic analyzer, apps analyzer, adaptive QoS, game boost, and web history. Not sure if this interpretation is correct?

1711345528804.png
 
This is how I interpret Google. What they say is not what they do. They've lied. They still lie. And they'll continue to lie. I don't want to have anything to do with them.
 
This is how I interpret Google. What they say is not what they do. They've lied. They still lie. And they'll continue to lie. I don't want to have anything to do with them.

I'm not sure what promises Google made to you that led to your negative perception. You seem to believe that Google often says one thing and does another, lacking transparency and honesty, and this sentiment appears deeply ingrained in you. It seems like your resentment towards Google runs deep, resulting in higher expectations and greater disappointment.I respect your feelings of disappointment and distrust towards Google, leading you to prefer not to be associated with them anymore. Everyone's perception of Google may vary depending on their experiences and perspectives.

Firstly, let me explain that I don't have any particular loyalty to brands. In this exercise, I found that many robot APIs require payment, which is not conducive to completing the project's simple tests. Currently, I've only found Google to provide a free option. If there are any other reliable free APIs you could recommend, I'd be open to hearing about them.

Additionally, based on my basic understanding, besides Google, social media platforms like Facebook, Twitter, Instagram, and e-commerce platforms like Amazon, Alibaba, all to varying degrees, gather user data. Smart devices, home automation products, health trackers, and similar technologies may also collect personal data. The extent and purpose of this data collection may vary depending on the company and product, typically outlined in terms of use and privacy policies.

By examining the Diversion report, it's evident that data collection frequency is quite high. I also appreciate the original author for providing such an excellent script, which helps eliminate some intrusive advertisements to users, as well as curtails the excessive gathering of personal data.

1711409438769.png
 
I've discovered another interesting application: enlisting the robot's help to analysis logs for abnormalities. Friends who are interested can give it a try.

Upon entering http://router.asus.com/user19.asp in the browser, the displayed results are as follows:



The following software packages are pre-installed in cmdline:

Python app


Get API key from https://aistudio.google.com/app/apikey

View attachment 57436


Create the directory /jffs/addons/myaddon and the script user19.py inside:



Please paste the following script:

Code:
#!/tmp/mnt/usbkey/entware/bin/python

import os
import requests
import google.generativeai as genai


# Read the latest 10000 characters of the message log
log_file_path = '/mnt/usbkey/entware/var/log/messages'
num_chars = 10000


with open(log_file_path, 'r') as file:
    file.seek(0, os.SEEK_END)  # Move to the end of the file
    end_position = file.tell()
    start_position = max(0, end_position - num_chars)  # Ensure not to exceed the file's range
    file.seek(start_position)
    log_content = file.read()


# Use Google's Generative AI for analysis
api_key = 'Your API key'  # Replace this with your API key
genai.configure(api_key=api_key)


model = genai.GenerativeModel('gemini-pro')


# First, ask a question
question = 'Please analyze whether the following log content has any issues:'
response = model.generate_content(question + '\n' + log_content)
genai_result = response.text


# Save the log content and analysis result to a file
output_file_path = '/tmp/var/wwwext/user19.asp'
with open(output_file_path, 'w') as output_file:
    output_file.write('<html><body>')
    output_file.write('<h2>Question:</h2>')
    output_file.write('<pre>{}</pre>'.format(question))
    output_file.write('<h2>Messages Log Content:</h2>')
    output_file.write('<pre>{}</pre>'.format(log_content))
    output_file.write('<h2>GenAI Analysis Result:</h2>')
    output_file.write('<pre>{}</pre>'.format(genai_result))
    output_file.write('</body></html>')


print('Question, Log content, and GenAI analysis result saved to', output_file_path)


You may need to manually adjust the following user19.py script as indicated in red according to your router environment:



Change the file permissions of user19.py to make it executable.



Then, execute the /jffs/addons/myaddon/user19.py file in cmdline. The output will be as follows:

View attachment 57433


How to mount your own webpage onto the router menu steps as below:

Edit the /tmp/menuTree.js file



Search for the following crucial keywords highlighted in red. You'll notice that all other addon menus are uniformly integrated here (as indicated in blue).


You simply need to insert your own link in a single line (as shown in green).



After editing, simply remount the menu using the following cmdline to complete the process.




Done!

View attachment 57435


Note: I am currently unable to confirm whether Google Generative AI has free query restrictions. This may depend on the specific API you are using, as well as the quotas and usage associated with your API key. It is recommended to consult the official documentation of Google Generative AI or contact the Google support team for detailed information and restrictions regarding the API. Typically, major AI service providers may implement some form of quotas or restrictions to manage usage and resource allocation.

I just wanted to say, “Thank you” for taking the time to pull this project together and provide encouragement to keep going. MerlinAU at the beginning had some negative reactions, but thankfully @Martinski and @ExtremeFiretop both didn’t listen and turned it into quite an awesome little tool. Have you tried forcing some events to see how Google AI would respond? I’m curious how it would read something innocuous as an ethernet cable unplugged to something more serious like the CPU overheating. Looking forward to seeing where this leads. Perhaps the next AMTM package :)
 
Have you tried forcing some events to see how Google AI would respond? I’m curious how it would read something innocuous as an ethernet cable unplugged to something more serious like the CPU overheating.

I have enabled bonding (802.3ad) on the LAN1 and LAN2 ports of the router. I can test what happens when the Ethernet cable is unplugged based on your curiosity, without affecting the network.

螢幕擷取畫面 2024-03-26 124550.png


Normal state:
螢幕擷取畫面 2024-03-26 124637.png


Unplug LAN2 cable:
螢幕擷取畫面 2024-03-26 124731.png


After execution, the results are as follows:

Question:​

Please analyze whether the following log content has any issues:

Messages Log Content:​

erface eth2, disabling it
Mar 26 12:45:07 GT-AX6000-0FC8 kernel: eth2 (Int switch port: 1) (Logical Port: 1) (phyId: 2) Link Up at 1000 mbps full duplex
Mar 26 12:45:07 GT-AX6000-0FC8 kernel: bond0: link status definitely up for interface eth2, 1000 Mbps full duplex
Mar 26 12:47:08 GT-AX6000-0FC8 kernel: eth2 (Int switch port: 1) (Logical Port: 1) (phyId: 2) Link DOWN.
Mar 26 12:47:08 GT-AX6000-0FC8 kernel: eth2: speed changed to 0 for port eth2
Mar 26 12:47:08 GT-AX6000-0FC8 kernel: bond0: link status definitely down for interface eth2, disabling it
Mar 26 12:48:02 GT-AX6000-0FC8 kernel: eth2 (Int switch port: 1) (Logical Port: 1) (phyId: 2) Link Up at 1000 mbps full duplex
Mar 26 12:48:02 GT-AX6000-0FC8 kernel: bond0: link status definitely up for interface eth2, 1000 Mbps full duplex

GenAI Analysis Result:​

**The log content has the following issues:**

* **Eth2 interface is unstable:** The eth2 interface experiences multiple link up and down events within a short period of time. This instability can cause network connectivity issues.
* **Bond0 link status:** The bond0 interface, which is likely a bonded interface using eth2, also experiences link up and down events following the eth2 interface. This bond0 interface is dependent on eth2, so its stability is affected by eth2's instability.

**Recommendations:**

* **Investigate eth2 interface issue:** Determine the cause of the eth2 interface instability and resolve it. Check for any hardware issues, cabling problems, or software misconfigurations.
* **Monitor bond0 interface:** Monitor the bond0 interface and ensure that it is stable after the eth2 interface issue is resolved.

As for the CPU temperature, I don't have a stress test script, nor do I dare to test it. Let interested individuals try it out instead. ;)
 
I think this is a very interesting project.
If I could install it with a single amtm command, I'd give it a go.
But I don't fancy going through all that stuff to install it.

Hmm .. could I just cut&paste my syslog into ChatGPT and see what it thinks?
 
I have enabled bonding (802.3ad) on the LAN1 and LAN2 ports of the router. I can test what happens when the Ethernet cable is unplugged based on your curiosity, without affecting the network.

View attachment 57452

Normal state:
View attachment 57453

Unplug LAN2 cable:
View attachment 57454

After execution, the results are as follows:



As for the CPU temperature, I don't have a stress test script, nor do I dare to test it. Let interested individuals try it out instead. ;)
This is ridiculously cool. Thanks so much. Now what would be the topper is if it could be integrated into something like PagerDuty so that I could just get GenAI to tell me what to check out on my router via a PD alert to my phone.

How does it respond to single or multiple failed WPA authentications or failed VPN authentications (like a brute force attack), or VPN disconnects/reconnects? I know I could just try this myself but since you already have it up and running. 😁
 
I think this is a very interesting project.
If I could install it with a single amtm command, I'd give it a go.
But I don't fancy going through all that stuff to install it.
@aru needs to work on a 2nd installer script now! :)
Hmm .. could I just cut&paste my syslog into ChatGPT and see what it thinks?
And yes, you could... please post some results back to get an idea of what you get back from it?
 
Last edited:
Hehe .. I gave ChatGPT a log containing a wan down/up event, including the dnsmasq crash that we've talked about in another thread.

(I note that, like many on this forum, it can't correctly interpret the "dnsmasq tainted" message - "There is a warning regarding dnsmasq being tainted")

Analyzing the provided log, here are some observations:

  1. lldpd Removal Request: There are several entries related to lldpd reporting removal requests for an address (92.40.65.222%22), indicating a request to remove an address from a particular interface, but there's no knowledge of it. This might indicate a potential network configuration issue or an attempt to remove an unknown IP address.
  2. Custom Script Execution: There are several instances of custom scripts being executed, particularly /jffs/scripts/wan-event, /jffs/scripts/firewall-start, /jffs/scripts/service-event, and /jffs/scripts/dnsmasq.postconf. These scripts seem to be handling events related to WAN connectivity, firewall management, service restarts (e.g., dnsmasq), and configuration changes (e.g., appending content of dnsmasq.conf.add).
  3. Dnsmasq Restart: There is a warning regarding dnsmasq being tainted, leading to its restart. This could indicate an issue with dnsmasq's configuration or operation that required a restart to resolve.
  4. DDNS Update: There's a log entry indicating that the IP address, server, and hostname for Dynamic DNS (DDNS) have not changed since the last update. This is a normal log indicating the status of DDNS.
  5. Network Configuration: The dnsmasq service is started with various configurations, including DHCP settings and DNS resolution settings. It seems to be running normally despite the warning about interfaces not currently existing.
  6. Kernel Errors: There are kernel messages indicating a potentially unexpected fatal signal and errors related to IDPfw, indicating possible issues with firewall modules.
  7. Network Events: Various network events are logged, such as device authentication, connections, disconnections, ping tests, DHCP client activity, and roaming events.
In summary, the log includes various routine network events and configurations, along with some warnings and errors related to dnsmasq, kernel signals, and firewall modules. Reviewing these entries in the context of the router's normal operation and recent changes to its configuration could help identify any potential issues or areas for optimization. Additionally, addressing the warnings and errors related to dnsmasq and the kernel may be necessary for ensuring the stability and security of the router.
 
I think this is a very interesting project.
If I could install it with a single amtm command, I'd give it a go.
But I don't fancy going through all that stuff to install it.

Hmm .. could I just cut&paste my syslog into ChatGPT and see what it thinks?

Haha, copying and pasting is something I often do. I'm just practicing to automate the initial concept by writing a script. As for the automation script, I still have a ways to go as it involves many intricate details, and I haven't taken that step yet. Additionally, integrating it into the AMTM platform presents an even greater challenge, requiring a masterful level of skill. It's likely that only masterpieces would qualify for inclusion there. If you're interested in this project script, I hope that through this article, it can also inspire others to create their own works.
 
@aru needs to work on a 2nd installer script now! :)

I'm stuck on two questions and I need your guidance. I hope it doesn't cause you any inconvenience: :)
1) Could you provide a simple installation guide for a hello world script for my reference? I want to apply the basic framework of an installation script.
2) From this exercise, I observed a very important issue on how to trigger the underlying user19.py script for real-time updates when users browse user19.asp. Similar issues exist in the Map script and this script. Currently, I haven't found a method yet.
 
Not been following anything AI, but this could be a helpful solution in troubleshooting other than/before “have you done a complete factory reset?”
 
Not been following anything AI, but this could be a helpful solution in troubleshooting other than/before “have you done a complete factory reset?”

I believe that a system reset can solve over 90% of the router's internal issues. However, for issues such as LAN port disconnection, hardware failures, firmware problems, network configuration issues, security issues, or ISP problems, resetting the router multiple times may not be effective. In such cases, using the verbose and sometimes incomprehensible system logs, the bot can translate them into readable information, providing a direction for troubleshooting.
 
Not been following anything AI, but this could be a helpful solution in troubleshooting other than/before “have you done a complete factory reset?”

We have to know where the router is to begin to get it to a good/known state. ;)

Questions/more info is always good.
 
I'm stuck on two questions and I need your guidance. I hope it doesn't cause you any inconvenience: :)
1) Could you provide a simple installation guide for a hello world script for my reference? I want to apply the basic framework of an installation script.
2) From this exercise, I observed a very important issue on how to trigger the underlying user19.py script for real-time updates when users browse user19.asp. Similar issues exist in the Map script and this script. Currently, I haven't found a method yet.
This is a really good question, tbh. @Viktor Jaep, are there guidelines or templates that people follow to create scripts within the amtm framework? @thelonelycoder may also be able to provide some guidance.
 
This is a really good question, tbh. @Viktor Jaep, are there guidelines or templates that people follow to create scripts within the amtm framework? @thelonelycoder may also be able to provide some guidance.

thelonelycoder has a set of basic requirements for an addon to considered for integration into AMTM.

As for templates of basic installations to follow for guidance, idk about Viktor or any of the other devs here, but I know me and Martinski kinda poked around the plugins in our existing JFFs folder for a reference on how others were doing it and tried to stick with that.

I think a clean uninstall is an important requirement as well, but considering how early this project is, you may just want to focus on just getting any automated installation to work at all before you worry about following specific AMTM standards.

You'll get more users and feedback if the script has a self-installation which will help speed up your development, more heads is always better than one in that regard. Best of luck with the project!
 

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Staff online

Top