AI Monitor (ai-monitor) — Workflow Guide
File Information
| Property | Value |
|---|---|
| Binary Name | ai-monitor |
| Version | 9.0.1 |
| File Size | 2.6MB |
| Author | Warith Al Maawali |
| License | Proprietary |
| Category | AI & Intelligence |
| Description | Proactive system monitoring daemon with anomaly detection and suggestions |
| JSON Data | View Raw JSON |
SHA256 Checksum
What ai-monitor Does
ai-monitor is a background daemon that continuously monitors system security, network health, VPN/Tor status, and DNS leaks. When it detects issues, it generates actionable suggestions with specific fix commands. It integrates with ai-scheduler for automated responses.
Key Capabilities
| Feature | Description |
|---|---|
| VPN Monitoring | Tracks VPN connection status and health |
| Tor Monitoring | Monitors Tor circuit health and performance |
| DNS Leak Detection | Continuous DNS leak scanning |
| Security Scoring | Real-time system security score tracking |
| Suggestion Engine | Proactive fix recommendations with commands |
| Service Management | Install as systemd service for auto-start |
| AI Tier Health | Monitors availability of all 6 AI engine tiers (TF-IDF, ONNX, Mistral.rs, Ollama, LLM, Claude) — requires all tiers installed |
Monitoring Categories
| Category | What It Monitors | Check Interval |
|---|---|---|
| Security | System score, file integrity, hardening | 60 seconds |
| Network | VPN status, connectivity, routing, Tor, DNS | 30 seconds |
| Recovery | System recovery state, backup status | 60 seconds |
| Optimization | Performance tuning, resource usage | 60 seconds |
Scenario 1: Setting Up Always-On Security Monitoring
Deploy ai-monitor as a persistent background service and combine with ai-scheduler for complementary automated checks.
# Step 1: Start the monitoring daemon
sudo ai-monitor start --daemon
# Step 2: Verify it's running
ai-monitor status
# Step 3: Install as systemd service so it survives reboots
sudo ai-monitor service install
# Step 4: Verify service is active
ai-monitor service status
# Step 5: Check if any suggestions have been generated
ai-monitor suggestions
# Step 6: Set up ai-scheduler to complement monitoring
ai-scheduler add --name "dns-check" \
--command "dns-leak test" \
--cron "0 */6 * * *"
ai-scheduler add --name "tor-health" \
--command "tor-switch new-circuit" \
--cron "0 */2 * * *"
ai-scheduler add --name "security-score" \
--command "health-control sec-score" \
--cron "0 0 * * *"
# Step 7: Verify both systems are running
ai-monitor status --json
ai-scheduler list
Cross-binary workflow: ai-monitor + ai-scheduler + dns-leak + tor-switch + health-control
Result: System security is monitored 24/7 with automated scheduled checks running alongside.
Scenario 2: Responding to Security Suggestions
When ai-monitor detects issues, review and act on suggestions across multiple security binaries.
# Step 1: Check all current suggestions
ai-monitor suggestions
# Example output:
# [HIGH] DNS leak detected - Your DNS queries are leaking outside the VPN
# Fix: dns-switch secure
# [MEDIUM] Security score: 72/100 - Below recommended threshold
# Fix: health-control sec-harden --full
# [LOW] Tor circuit age: 4 hours - Consider rotation
# Fix: tor-switch new-circuit
# Step 2: Filter by category to focus on critical issues
ai-monitor suggestions --category security
ai-monitor suggestions --category network
# Step 3: Execute the suggested fix commands
dns-switch secure
health-control sec-harden --full
tor-switch new-circuit
# Step 4: Mark fixed suggestions as resolved
ai-monitor suggestions --resolve 1
ai-monitor suggestions --resolve 2
ai-monitor suggestions --resolve 3
# Step 5: Dismiss suggestions that don't apply
ai-monitor suggestions --dismiss 4
# Step 6: Clean up old resolved/dismissed suggestions
ai-monitor suggestions --cleanup
# Step 7: Verify all suggestions resolved
ai-monitor suggestions
# Should show: "No active suggestions"
Cross-binary workflow: ai-monitor + dns-switch + health-control + tor-switch
Scenario 3: Network Issue Detection and Resolution
Use ai-monitor with network diagnostic binaries to detect and fix network problems.
# Step 1: Check network-specific suggestions
ai-monitor suggestions --category network
# Example output:
# [HIGH] VPN connection lost - No active VPN detected
# Fix: routing-switch vpn --reconnect
# [MEDIUM] DNS leak detected - 3 non-VPN DNS queries observed
# Fix: dns-leak test && dns-switch secure
# [LOW] Tor circuit performance degraded - High latency detected
# Fix: tor-switch new-circuit
# Step 2: If VPN is down - diagnose and fix
routing-switch status # Check current routing
routing-switch vpn --reconnect # Reconnect VPN
ai-monitor suggestions --resolve 1 # Mark as resolved
# Step 3: If DNS leak detected - diagnose and fix
dns-leak test # Confirm the leak
dns-switch status # Check DNS configuration
dns-switch secure # Fix DNS configuration
dns-leak test # Verify fix
ai-monitor suggestions --resolve 2 # Mark as resolved
# Step 4: If Tor circuit is unhealthy - diagnose and fix
tor-switch tor-status # Check Tor status
tor-switch new-circuit # Get new circuit
ai-cmd query "check tor status" # Verify via AI
ai-monitor suggestions --resolve 3 # Mark as resolved
# Step 5: Verify all network issues resolved
ai-monitor suggestions --category network
# Should show: "No active suggestions"
# Step 6: Check overall status with JSON output
ai-monitor status --verbose --json
Cross-binary workflow: ai-monitor + routing-switch + dns-leak + dns-switch + tor-switch + ai-cmd
Scenario 4: Custom Monitoring Configuration
Configure ai-monitor with custom intervals and thresholds for different security scenarios.
# Scenario 4A: High-security mode with aggressive monitoring
sudo ai-monitor start --interval 30 --threshold 90
# Explanation:
# --interval 30 Check every 30 seconds (default: 60)
# --threshold 90 Alert when security score drops below 90 (default: 80)
# Scenario 4B: Run in foreground for debugging
sudo ai-monitor start --interval 60 --threshold 80
# Watch real-time monitoring logs in terminal (non-daemon mode)
# Press Ctrl+C to stop
# Scenario 4C: Low-resource mode with relaxed monitoring
sudo ai-monitor start --daemon --interval 120 --threshold 70
# Scenario 4D: Combine with ai-scheduler for complementary checks
sudo ai-monitor start --daemon --interval 60 --threshold 85
ai-scheduler add --name "hourly-network-check" \
--command "health-control net-check" \
--cron "0 * * * *"
ai-scheduler add --name "daily-integrity" \
--command "integrity-check check-all" \
--cron "0 3 * * *"
# Scenario 4E: Check monitoring configuration and status
ai-monitor status --verbose
ai-monitor status --json # JSON output for integration with other tools
# Scenario 4F: Adjust monitoring for specific categories
ai-monitor suggestions --category security # Focus on security issues
ai-monitor suggestions --category network # Focus on network issues
ai-monitor suggestions --category optimization # Focus on performance
ai-monitor suggestions --category recovery # Focus on recovery state
Cross-binary workflow: ai-monitor + ai-scheduler
Use cases:
- High-security: --interval 30 --threshold 90 for maximum protection
- Debugging: Foreground mode without --daemon to see real-time logs
- Low-resource: --interval 120 --threshold 70 for older hardware
- Balanced: --interval 60 --threshold 80 (default) for most users
Scenario 5: Automated Monitoring + Scheduling Pipeline
Combine ai-monitor with ai-scheduler for fully automated security maintenance across all whitelisted binaries.
# Step 1: Start the monitoring daemon
sudo ai-monitor start --daemon --interval 60 --threshold 80
sudo ai-monitor service install
# Step 2: Start the scheduler daemon
sudo ai-scheduler start
# Step 3: Schedule complementary security checks
ai-scheduler add --name "dns-leak-check" \
--command "dns-leak test" \
--cron "0 */6 * * *"
ai-scheduler add --name "tor-circuit-rotate" \
--command "tor-switch new-circuit" \
--cron "0 */2 * * *"
ai-scheduler add --name "security-score" \
--command "health-control sec-score" \
--cron "0 0 * * *"
ai-scheduler add --name "network-check" \
--command "health-control net-check" \
--cron "*/30 * * * *"
ai-scheduler add --name "integrity-verify" \
--command "integrity-check check-all" \
--cron "0 6 * * *"
ai-scheduler add --name "daily-learning" \
--command "ai-learner learn --incremental" \
--cron "0 2 * * *"
# Step 4: Verify all tasks
ai-scheduler list
ai-monitor status
Result: A comprehensive automated security pipeline:
| Time | Action | Binary |
|---|---|---|
| Continuous | Monitor VPN/Tor/DNS/Security | ai-monitor |
| Every 30 min | Network health check | health-control |
| Every 2 hours | Tor circuit rotation | tor-switch |
| Every 6 hours | DNS leak test | dns-leak |
| 2:00 AM daily | AI learning cycle | ai-learner |
| Midnight daily | Security score check | health-control |
| 6:00 AM daily | Integrity verification | integrity-check |
Cross-binary workflow: ai-monitor + ai-scheduler + dns-leak + tor-switch + health-control + integrity-check + ai-learner
Scenario 6: Investigating Persistent Security Issues
When suggestions keep recurring, investigate the root cause with deep diagnostics across multiple binaries.
# Step 1: Check recurring suggestions with JSON output
ai-monitor suggestions --json > /tmp/recurring-issues.json
# Step 2: If DNS leak keeps appearing, investigate deeper
dns-leak test --json # Detailed leak test
dns-switch status # Check DNS configuration
ai-admin diagnostics --full # Check overall system health
# Example root cause: DNS server is bypassing VPN
dns-switch secure # Apply secure DNS
systemctl restart NetworkManager # Restart network manager
sleep 60 # Wait for monitoring cycle
ai-monitor suggestions --category network # Verify leak stopped
# Step 3: If security score stays low, investigate components
health-control sec-score --verbose # Detailed score breakdown
# Example output:
# System Hardening: 65/100 (FAIL)
# Privacy Config: 80/100 (PASS)
# Network Security: 70/100 (WARNING)
# Authentication: 90/100 (PASS)
health-control sec-harden --full # Apply hardening
sleep 120 # Wait for monitoring cycle
ai-monitor suggestions --category security # Verify score improved
# Step 4: If network issues persist, deep network diagnostics
routing-switch status # Check routing configuration
ip-fetch # Verify external IP
tor-switch tor-status # Detailed Tor status
ai-cmd query "diagnose network connectivity" # AI-assisted diagnosis
# Example root cause: VPN server is down
routing-switch vpn --change-server # Switch VPN server
routing-switch status # Verify new server
ai-monitor suggestions --resolve 1 # Mark as resolved
# Step 5: After fixing root cause, clean up old suggestions
ai-monitor suggestions --cleanup
# Step 6: Verify the fix persists (check again after monitoring interval)
sleep 120 && ai-monitor suggestions --category network
sleep 120 && ai-monitor suggestions --category security
# Step 7: Use optimization category to improve system performance
ai-monitor suggestions --category optimization
# Example output:
# [INFO] High memory usage detected - Consider closing unused applications
# [INFO] Disk space low - Run cleanup operations
ai-monitor suggestions --category recovery
# Example output:
# [WARNING] No recent backup detected - Consider running backup
Cross-binary workflow: ai-monitor + dns-leak + dns-switch + health-control + ai-admin + routing-switch + ip-fetch + tor-switch + ai-cmd
Troubleshooting patterns: - Recurring DNS leaks: Check DNS server config, VPN DNS settings, NetworkManager - Low security score: Run sec-harden, check each component with --verbose - Network instability: Check routing, VPN server health, Tor status - Performance issues: Use --category optimization for tuning suggestions
Scenario 7: Monitoring AI System Health
ai-monitor can track the health of all AI engine tiers and detect issues with ONNX classifier, Mistral.rs, and model availability.
AI Engine Health Monitoring
# Check AI engine tier availability
ai-monitor suggestions --category ai-health
# Expected output:
AI Health Suggestions:
┌────────────────────────────────────────────────────┐
│ [WARNING] ONNX model not loaded │
│ Reason: distilbert-intent model missing │
│ Impact: FAST PATH disabled, using TF-IDF only │
│ Fix: sudo ai-trainer download-model │
│ │
│ [INFO] Mistral.rs not configured │
│ Reason: No GGUF model found in ./models/ │
│ Impact: SLOW PATH using fallback engines │
│ Fix: sudo ai-trainer download-model --llm default│
│ │
│ [LOW] Claude CLI not installed │
│ Reason: claude command not found │
│ Impact: Tier 6 unavailable (opt-in only) │
│ Fix: Install Claude CLI (optional) │
└────────────────────────────────────────────────────┘
# Execute suggested fixes
sudo ai-trainer download-model
sudo ai-trainer download-model --llm default
# Mark suggestions as resolved
ai-monitor suggestions --resolve 1
ai-monitor suggestions --resolve 2
# Verify all AI tiers are healthy
ai-monitor status --verbose --json | jq '.ai_health'
ONNX Classifier Health Check
# Monitor ONNX classifier status
ai-monitor watch --focus onnx-health
# Expected output (monitoring loop):
[14:23:11] ONNX Classifier: ✓ Healthy
Model: distilbert-intent-v1.0.0
Intents: 12 categories
Avg Inference: 4.2ms
Accuracy: 94.2%
Loaded: Yes
[14:24:11] ONNX Classifier: ⚠ Degraded
Warning: High inference time (12.3ms)
Suggestion: Restart ai-cmd service
Fix: systemctl restart ai-cmd
[14:25:11] ONNX Classifier: ✗ Failed
Error: Model file corrupted
Impact: FAST PATH disabled
Fix: sudo ai-trainer download-model --force
# Stop monitoring with Ctrl+C
AI Policy Integrity Monitoring
# Monitor AI policy file integrity
ai-monitor suggestions --category policy-health
# Expected output:
AI Policy Health:
┌────────────────────────────────────────────────────┐
│ [HIGH] AI policy file signature invalid │
│ Reason: Policy file modified without re-signing │
│ Impact: AI routing using default fallback policy │
│ Fix: sudo ai-learner learn --output-policy │
│ │
│ [MEDIUM] Policy thresholds suboptimal │
│ Reason: Low confidence queries being blocked │
│ Impact: 12% of queries failing policy check │
│ Fix: Regenerate policy from learning data │
│ Command: sudo ai-learner learn --output-policy │
│ │
│ [INFO] Policy version outdated │
│ Current: 0.9.8 │
│ Latest: 1.0.0 │
│ Fix: Update policy file │
└────────────────────────────────────────────────────┘
# Fix policy integrity
sudo ai-learner learn --output-policy
# Verify policy health
ai-admin diagnostics --check-policy
# Expected output:
Policy Integrity Check:
✓ File exists: results/ai-policy.json
✓ Valid JSON structure
✓ Signature verification: PASS
✓ Schema validation: PASS
✓ Threshold ranges: VALID (0.00-1.00)
✓ Tool allowlist: 9 binaries
✓ Version: 1.0.0 (up-to-date)
✓ Risk mode: safe
Model Availability Monitoring
# Monitor all AI model files
ai-monitor watch --focus model-health
# Expected output (monitoring loop):
[14:30:15] AI Models Health Check
────────────────────────────────────────────
ONNX Models:
✓ distilbert-intent-v1.0.0.onnx (84.3 MB)
✓ vocab.txt (226 KB)
✓ model-config.json (1.2 KB)
Mistral.rs Models:
✓ Qwen2.5-3B-Instruct-Q4_K_M.gguf (1.8 GB)
✓ Model loaded in memory: Yes
✓ Inference ready: Yes
Legacy Models:
○ llama-cpp: Not configured (deprecated)
Cloud Engines:
✗ Ollama: Not running
✗ Claude CLI: Not installed
Suggestions:
→ Install Ollama for GenAI provider (optional)
→ Install Claude CLI for expert analysis (opt-in)
[14:31:15] ⚠ WARNING: Disk space low (8.2 GB free)
Impact: Cannot download additional models
Fix: Clean up old files or expand storage
# Generate detailed model health report
ai-monitor suggestions --category model-health --json > model-health-report.json
AI Performance Degradation Detection
# Monitor AI inference performance over time
ai-monitor watch --focus ai-performance
# Expected output (monitoring loop):
[14:35:20] AI Performance Metrics
────────────────────────────────────────────
FAST PATH (ONNX):
Avg Inference: 4.8ms ✓ Normal (target: <10ms)
P95 Latency: 8.2ms ✓ Normal
Success Rate: 98.4% ✓ Healthy
Query Volume: 1,247 queries/hour
SLOW PATH (Mistral.rs):
Avg Inference: 210ms ✓ Normal (target: <500ms)
P95 Latency: 380ms ✓ Normal
Success Rate: 96.1% ✓ Healthy
Query Volume: 142 queries/hour
[14:36:20] ⚠ PERFORMANCE DEGRADATION DETECTED
Component: ONNX Classifier
Issue: P95 latency increased to 24.5ms
Baseline: 8.2ms (3x slower)
Impact: FAST PATH performance degraded
Suggestions:
→ Check system load (CPU/memory)
→ Restart ai-cmd service
→ Verify model file integrity
# Fix performance issues
systemctl restart ai-cmd
ai-admin diagnostics --check-models
ai-monitor suggestions --resolve 1
Automated AI Health Checks with ai-scheduler
# Schedule periodic AI health monitoring
ai-scheduler add --name "ai-health-check" \
--command "ai-admin diagnostics --check-models --check-policy" \
--cron "0 */6 * * *"
# Schedule ONNX classifier verification
ai-scheduler add --name "onnx-verify" \
--command "ai-cmd tiers --json | jq '.onnx_classifier.loaded'" \
--cron "*/30 * * * *"
# Schedule model integrity check
ai-scheduler add --name "model-integrity" \
--command "ai-admin diagnostics --check-models" \
--cron "0 3 * * *"
# Verify scheduled AI health tasks
ai-scheduler list | grep "ai-\|onnx-\|model-"
# Expected output:
ai-health-check | 0 */6 * * * | Active | ai-admin diagnostics
onnx-verify | */30 * * * * | Active | ai-cmd tiers --json
model-integrity | 0 3 * * * | Active | ai-admin diagnostics
AI Health Summary Report
# Generate comprehensive AI health report
ai-monitor suggestions --category ai-health --json | jq '.' > ai-health-summary.json
# Example report content:
{
"timestamp": "2026-02-09T14:40:15Z",
"overall_status": "healthy",
"components": {
"onnx_classifier": {
"status": "healthy",
"model": "distilbert-intent-v1.0.0",
"accuracy": 0.942,
"avg_inference_ms": 4.8,
"uptime_hours": 72.4
},
"mistral_llm": {
"status": "healthy",
"model": "Qwen2.5-3B-Instruct-Q4_K_M.gguf",
"avg_inference_ms": 210,
"memory_usage_mb": 2340
},
"ai_policy": {
"status": "healthy",
"version": "1.0.0",
"signature": "valid",
"last_updated": "2026-02-09T08:15:32Z"
}
},
"suggestions": [],
"metrics": {
"fast_path_queries": 1247,
"slow_path_queries": 142,
"failed_queries": 3,
"avg_confidence": 0.87
}
}
# View human-readable summary
ai-monitor status --verbose | grep -A20 "AI Health"
# Expected output:
AI Health Summary:
────────────────────────────────────────────
Overall Status: ✓ Healthy
ONNX Classifier: ✓ Active (4.8ms avg)
Mistral.rs LLM: ✓ Active (210ms avg)
AI Policy: ✓ Valid (v1.0.0)
Model Integrity: ✓ All models valid
Disk Space: ✓ 28.4 GB free
Active Issues: 0
Resolved Issues: 12 (last 7 days)
Cross-binary workflow: ai-monitor + ai-cmd + ai-trainer + ai-admin + ai-learner + ai-scheduler
AI Health Monitoring Best Practices:
- ✓ Check AI health daily with ai-monitor suggestions --category ai-health
- ✓ Schedule periodic model integrity checks with ai-scheduler
- ✓ Regenerate AI policy after major learning cycles
- ✓ Monitor ONNX classifier inference time (should be <10ms)
- ✓ Verify policy signature after manual edits
- ✓ Ensure sufficient disk space for model files (10GB+ free)
- ✗ Don't ignore model integrity warnings
- ✗ Don't run with corrupted ONNX classifier (degrades to TF-IDF)
Related Workflows
- Automated Security Monitoring — Full monitoring pipeline setup
- ai-scheduler — Automate security checks alongside monitoring
- Troubleshooting AI Accuracy — When AI suggestions are inaccurate
- Full CLI Reference: ai-monitor commands
Troubleshooting
| Problem | Cause | Solution |
|---|---|---|
| Daemon won't start | Port conflict or permissions | Run with --foreground to see errors; check sudo |
| No suggestions generated | No issues detected or monitor just started | Wait for a full check cycle (30-60s); check ai-monitor status |
| High CPU usage | Check intervals too aggressive | Increase check intervals in configuration |
| Missing AI tier health data | Optional tiers not installed | Install ONNX/Mistral.rs models to enable tier health monitoring |
| Stale suggestions | Monitor not running | Verify daemon is active: ai-monitor status |