AI-powered cybersecurity log analysis using Google Gemini AI. Analyzes security logs and generates detailed reports with threat assessment and recommendations.
- AI-powered log analysis with Google Gemini
- JSON and PDF report generation
- Network threat detection (DDoS, exploits, reconnaissance)
- RESTful API with FastAPI
- Confidence scoring and explanations
-
Install dependencies
pip install -r requirements.txt
-
Configure environment Create
.envfile:GOOGLE_API_KEY=your_google_api_key
-
Install wkhtmltopdf (for PDF generation) Download from: https://wkhtmltopdf.org/downloads.html
-
Run the application
python main.py
API available at http://localhost:8000
Analyze security logs and generate reports.
Request:
{
"log": {
"timestamp": "2025-01-01T10:00:00Z",
"source_ip": "192.168.1.100",
"dest_ip": "10.0.0.1",
"protocol": "HTTP"
},
"prediction": "exploit",
"category": "Network"
}Generate PDF report from log analysis (same request format as above).
Generate concise 2-line security status message from log analysis.
Request(for exemple):
{
"log": {
"timestamp": "2025-01-01T10:00:00Z",
"source_ip": "192.168.1.100",
"dest_ip": "10.0.0.1",
"protocol": "HTTP"
},
"prediction": "exploit",
"category": "Network"
}Response:
{
"message": "Security Status: Critical - Network exploit detected from 192.168.1.100\nKey Alert: Block source IP immediately and investigate lateral movement"
}Network Threats: DDoS, exploits, reconnaissance, fuzzers, intrusion attempts General Analysis: Timeline reconstruction, system component identification, anomaly detection
- Threat Summary: What was detected
- Confidence Score: AI confidence level
- Threat Level: Low/Medium/High severity
- Recommended Actions: Specific next steps
- Python 3.8+
- Google Gemini API key
- wkhtmltopdf (for PDF generation)