An AI-powered autonomous monitoring agent for the Aviz Networks ONES network management platform. It logs into the ONES dashboard, explores every page using a Claude-guided browser, collects server and Docker container metrics over SSH, analyzes everything with Claude's vision API, and posts a rich daily health report to Slack — automatically.

• How It Works
• Architecture
• Prerequisites
• Installation
• Configuration
• Running the Agent
• Scheduling Daily Reports
• Sample Report Output
• Project Structure
• Contributing

┌──────────────────────────────────────────────────────────────┐
│  1. Browser Agent (Playwright + Claude Vision)               │
│     Logs into ONES dashboard, asks Claude to identify nav    │
│     items, recursively explores every page & sub-page, and   │
│     captures full-page screenshots (up to 4 levels deep).    │
└────────────────────────┬─────────────────────────────────────┘
                         │ ~60 screenshots
┌────────────────────────▼─────────────────────────────────────┐
│  2. SSH Monitor (Paramiko)                                    │
│     SSH-connects to the ONES server, escalates to root,      │
│     collects Docker container stats, host memory/CPU/disk,   │
│     recent error logs, and pre-flags anomalies by threshold. │
└────────────────────────┬─────────────────────────────────────┘
                         │ metrics + anomalies
┌────────────────────────▼─────────────────────────────────────┐
│  3. Analyzer (Claude API — multimodal)                       │
│     Sends all screenshots + SSH metrics to Claude Sonnet.    │
│     Distinguishes ONES platform issues from network issues   │
│     ONES detects. Returns structured status + findings +     │
│     recommendations.                                         │
└────────────────────────┬─────────────────────────────────────┘
                         │ analysis result
┌────────────────────────▼─────────────────────────────────────┐
│  4. Slack Reporter (Slack SDK)                               │
│     Posts a formatted report block with status, summary,     │
│     findings, and recommendations. Uploads screenshots and   │
│     raw SSH output as thread replies.                        │
└──────────────────────────────────────────────────────────────┘

aviz-monitor/
├── main.py                 # Orchestrator — runs all 3 steps in sequence
├── scheduler.py            # Daily scheduling daemon
├── config.py               # Central configuration (credentials, thresholds, URLs)
├── requirements.txt        # Python dependencies
├── setup.sh                # One-time environment setup script
│
├── agents/
│   ├── browser_agent.py    # AI-guided recursive dashboard exploration + screenshots
│   ├── ssh_monitor.py      # Server health collection via SSH (Docker, host metrics)
│   ├── analyzer.py         # Claude multimodal analysis of screenshots + SSH data
│   └── screenshot_agent.py # Simple static screenshot fallback
│
├── reporter/
│   └── slack_reporter.py   # Slack block builder + image uploader + thread poster
│
└── screenshots/            # Output directory for captured PNG screenshots

# 1. Clone the repository
git clone https://github.com/AvizNetworks/ONES_ANALYSIS_AGENT.git
cd ONES_ANALYSIS_AGENT/aviz-monitor

# 2. Run the one-time setup (creates venv, installs deps, installs Chromium)
bash setup.sh

# 3. Activate the virtual environment
source venv/bin/activate

Edit aviz-monitor/config.py and fill in your values. Alternatively, set secrets as environment variables (recommended for production).

APP_URL      = "https://your-ones-instance.example.com"
APP_USERNAME = "admin"
APP_PASSWORD = "your-password"

SSH_HOST     = "10.20.0.37"    # IP of the ONES server
SSH_PORT     = 22
SSH_USER     = "aviz"
SSH_PASSWORD = "your-ssh-password"
SSH_KEY_PATH = ""              # path to private key, or leave empty for password auth

DOCKER_MEMORY_WARNING_PERCENT = 85   # alert if any container uses >85% of its limit
HOST_MEMORY_WARNING_PERCENT   = 90   # alert if host RAM >90%
HOST_DISK_WARNING_PERCENT     = 85   # alert if any disk partition >85%

SLACK_BOT_TOKEN = ""        # or set env var SLACK_BOT_TOKEN
SLACK_CHANNEL   = "#your-channel"

Required Slack Bot scopes: chat:write, files:upload, channels:read, groups:read

ANTHROPIC_API_KEY = ""      # or set env var ANTHROPIC_API_KEY

REPORT_TIME = "10:00"       # 24-hour local time for daily report

For secrets, prefer environment variables:

export SLACK_BOT_TOKEN="xoxb-..."
export ANTHROPIC_API_KEY="sk-ant-..."

cd aviz-monitor
source venv/bin/activate
python main.py

python main.py --dry-run

Screenshots are still captured and the analysis is printed to stdout.

The scheduler runs main.py every day at the time set in REPORT_TIME.

nohup python scheduler.py > scheduler.log 2>&1 &
echo $! > scheduler.pid
echo "Scheduler started (PID $(cat scheduler.pid))"

python scheduler.py --now

kill $(cat scheduler.pid)

tail -f scheduler.log

Below is an example Slack report generated for demo.aviznetworks.com.

Overall Status: 🔴 CRITICAL

Summary

The ONES platform has several significant self-health issues that require immediate attention. The ones-collector Docker container is consuming an abnormally high 667.87% CPU and has accumulated 29.30 GiB of memory usage, indicating a likely runaway process or data ingestion overload. Additionally, the ServiceNow data connector is in an Inactive state, breaking that ticketing integration, and the Manage > Configuration page returns a "Page doesn't exist" 404 error, indicating a broken UI route. The ONES Appliance Health is self-reported as Critical in the Admin View, confirming platform-level distress.

• 111 total devices monitored across 4 regions (Houston, San Jose, Denver, Nyk); 108/111 actively streaming telemetry
• Critical alerts active across all fabrics in the last 12 hours; 27 activities logged — ONES alert engine is firing and processing normally
• 8/666 links down detected across the fabric topology; 2 devices unreachable, 15 unhealthy, 15 with faulty fans, 14 with faulty PSUs — all detected and reported by ONES correctly
• BGP, LACP, VXLAN, VLAN, QoS, VRRP protocol views all rendering with data; 243 total alerts tracked (221 device, 22 interface) — ONES data pipeline is largely functional for the 108 streaming devices

1. Immediately investigate and restart ones-collector — A CPU utilization of 667.87% is symptomatic of a runaway thread, infinite retry loop, or telemetry storm. Run docker logs ones-collector --tail 500 to identify the cause. Consider docker restart ones-collector after capturing logs.

2. Investigate the recent ones-gateway restart — Determine why this container restarted (~1 hour ago). Review logs with docker logs ones-gateway --tail 200. If crash-looping, identify the root cause (OOM kill, config error, dependency failure).

3. Re-activate the ServiceNow data connector — Navigate to Settings > Data Connectors > ServiceNow, verify API credentials/token have not expired (connector was configured 23 Mar 2026), and re-authenticate.

4. Fix the broken Manage > Configuration UI route — The 404 at /manage/configuration suggests a missing route definition or a build artifact issue in the ones-ui container. A redeployment of ones-ui (currently v4.1.0) may resolve this.

5. Monitor and address server-level resource pressure — With host CPU at 69.25% and memory at 69.75% — both above the 60% warning threshold — review whether the ONES server needs vertical scaling or whether the ones-collector runaway is the primary driver.

6. Investigate the 3 non-streaming devices — Check ones-collector logs for connection errors to these specific device IPs. Restore streaming to close the data pipeline gap.

7. Obtain SSH access to collect full host metrics — The absence of SSH-based memory, swap, and disk metrics creates a blind spot. Ensure SSH health collection is functional and re-run the diagnostic.

8. Investigate blank Help pages — Check if the embedded documentation service or iframe source is unreachable. Low priority but affects operator usability.

The agent captures screenshots at up to 4 depth levels and uploads them to the Slack thread. Below are examples from the April 12 run:

ONES_ANALYSIS_AGENT/
└── aviz-monitor/
    ├── main.py               # Entry point — orchestrates all 3 steps
    ├── scheduler.py          # Daily scheduling daemon
    ├── config.py             # All configuration (fill this in)
    ├── requirements.txt      # Python dependencies
    ├── setup.sh              # One-time setup script
    ├── agents/
    │   ├── browser_agent.py  # Playwright + Claude vision nav explorer
    │   ├── ssh_monitor.py    # SSH + Docker metrics collector
    │   ├── analyzer.py       # Claude multimodal analysis engine
    │   └── screenshot_agent.py  # Simple static screenshot fallback
    ├── reporter/
    │   └── slack_reporter.py # Slack rich block poster + image uploader
    └── screenshots/          # PNG captures (gitignored in production)

1. Fork the repository
2. Create a feature branch: git checkout -b feature/your-feature-name
3. Make your changes and test with python main.py --dry-run
4. Commit with a clear message: git commit -m "feat: describe your change"
5. Push and open a Pull Request against main

Areas open for contribution:

• Support for additional notification channels (Teams, PagerDuty, email)
• Configurable page exploration depth and screenshot limits
• Historical trend tracking (compare today's report vs. last week)
• Docker Compose / Kubernetes deployment manifests
• GitHub Actions workflow for CI dry-run tests
• Web dashboard for browsing past reports and screenshots
• Support for multiple ONES instances in a single run

This project is maintained by Aviz Networks. Please check with the repository owner for licensing terms before forking or distributing.