suspicious-activity
by official
Monitor network traffic and CPU usage, analyze system metrics and network patterns to identify suspicious activity, summarize findings, and generate a diagnostic report in markdown format
# suspicious-activity

Monitor network traffic and CPU usage, analyze the data, and generate a report about whether there might be suspicious activity.

## Description

This tool collects system metrics including CPU usage, network connections, and listening ports over a specified duration, then uses AI analysis to identify potential suspicious patterns and generate a diagnostic report.

## Requirements

- Linux system with `top`, `ss`, and `ps` commands available
- AI provider configured (default: claude-sonnet)

## Usage

```bash
# Basic usage with defaults (10 second monitoring, 80% CPU threshold)
suspicious-activity

# Custom monitoring duration
suspicious-activity --duration 30

# Custom CPU threshold
suspicious-activity --threshold 90

# Both options
suspicious-activity --duration 20 --threshold 75
```

## Arguments

- `--duration` - Monitoring duration in seconds (default: 10)
- `--threshold` - CPU usage threshold percentage for alerts (default: 80)

## Output

Generates a markdown-formatted report including:

- Executive summary
- Key findings from system monitoring
- Suspicious activity assessment level
- Security recommendations

## Examples

```bash
# Quick 5-second check
suspicious-activity --duration 5

# Extended monitoring for detailed analysis
suspicious-activity --duration 60 --threshold 70
```

## Note

This tool runs system commands (`top`, `ss`, `ps`) to collect metrics. The description mentions this system access, which is essential for the tool's monitoring purpose.
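The kind of triage the Description refers to can be done deterministically before any AI summarization. The following is an added example, not the tool's own code: it flags processes at or above the CPU threshold, sockets bound to all interfaces, and PIDs that appear in both sets. The function names, the `ps`/`ss` invocations named in the comments and the sample data are assumptions; the 80% threshold is the page's default.

```bash
#!/bin/sh
# Added example: triage of one ps/ss snapshot. All sample data is constructed.

# Constructed sample of: ps -eo pid,pcpu,comm --no-headers
PS_SAMPLE='  812  0.1 sshd
 1530 12.4 firefox
 2210 97.3 batchjob
 2300 80.0 gzip'

# Constructed sample of: ss -H -tulnp
SS_SAMPLE='tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=812,fd=3))
udp UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=640,fd=13))
tcp LISTEN 0 4096 [::]:4444 [::]:* users:(("batchjob",pid=2210,fd=3))
tcp LISTEN 0 511 127.0.0.1:5432 0.0.0.0:* users:(("postgres",pid=990,fd=5))'

# stdin: ps lines. Prints "pid pcpu comm" for processes at or above $1 percent.
high_cpu() {
  awk -v t="$1" '$2 + 0 >= t + 0 { print $1, $2, $3 }'
}

# stdin: ss lines. Prints "proto local_addr pid" for sockets bound to a
# wildcard address (all interfaces) rather than to loopback or one address.
wildcard_listeners() {
  awk '$5 ~ /^(0\.0\.0\.0|\[::\]|\*):/ {
    pid = "-"   # ss omits the process column without sufficient privilege
    if (match($0, /pid=[0-9]+/)) pid = substr($0, RSTART + 4, RLENGTH - 4)
    print $1, $5, pid
  }'
}

# $1 threshold, $2 ps text, $3 ss text. Prints PIDs that are both CPU-heavy
# and own a wildcard listener, the combination to review first.
correlate() {
  hot=$(printf '%s\n' "$2" | high_cpu "$1" | awk '{ print $1 }' | tr '\n' ' ')
  printf '%s\n' "$3" | wildcard_listeners |
    awk -v hot="$hot" 'BEGIN { n = split(hot, a, " "); for (i = 1; i <= n; i++) h[a[i]] = 1 }
                       ($3 in h) { print $3 }' | sort -u
}

echo "CPU >= 80%:";         printf '%s\n' "$PS_SAMPLE" | high_cpu 80
echo "Wildcard listeners:"; printf '%s\n' "$SS_SAMPLE" | wildcard_listeners
echo "Both:";               correlate 80 "$PS_SAMPLE" "$SS_SAMPLE"
```

A single snapshot only shows instantaneous state; repeating the collection across the monitoring duration and comparing runs separates sustained load from short spikes.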