Skip to main content

Governed AI-ops for self-hosted Prometheus + Grafana: PromQL, scrape-target & rule health, alerts/silences, dashboards, and flagship RCA/scrape-health/alert-noise analyses with a built-in governance harness (audit, budget, undo, risk tiers)

Project description

Observability AIops (preview)

Disclaimer: Community-maintained open-source project. Not affiliated with, endorsed by, or sponsored by the Prometheus or Grafana projects, Grafana Labs, or the Cloud Native Computing Foundation. Prometheus, Alertmanager and Grafana are trademarks of their respective owners. MIT licensed.

Governed AI-ops for a self-hosted observability stack in one server — Prometheus (HTTP API, PromQL, targets, rules, alerts), Alertmanager (alerts + silences), and Grafana (dashboards, datasources, folders) — with a built-in governance harness: unified audit log, policy engine, token/runaway budget guard, undo-token recording, and graduated-autonomy risk tiers. One config can span your whole stack; each target names its own platform. Preview — mock-validated only, not yet verified against a live stack.

This is the self-hosted-observability complement to enterprise monitoring suites: it speaks the open Prometheus/Grafana APIs an SRE actually runs, not a vendor NMS.

What it does

Answers the questions an SRE actually repeats over a Prometheus/Grafana stack, and guards the writes that follow:

  • PromQL + metadata — instant and range queries, label-value enumeration, and series metadata, all read-only and result-capped.
  • Scrape-target & rule health — which targets are up/down (and why, from lastError), which were dropped by relabeling, and which recording/alerting rules are erroring.
  • Alerts & silences — firing/pending Prometheus rule alerts, Alertmanager's post-routing view, and its silences.
  • Grafana — dashboards, datasources (+ health), and folders.
  • Flagship analyses — transparent heuristics that show their numbers: firing_alert_rca (join each firing alert to its rule expr → cause + action), target_scrape_health_analysis (rank down/erroring scrapes → likely cause), and alert_noise_and_flap_analysis (frequently-repeated / duplicate alerts → dedup/rollup recommendation).
  • Governed writes — create/expire Alertmanager silences (time-boxed), create Grafana annotations, update/delete dashboards, and hot-reload the Prometheus config — each audited, risk-tiered, dry_run-able, and the reversible ones capture the real fetched before-state for undo.

Capability matrix (30 MCP tools)

Group Platform Tools Count R/W
Metrics Prometheus instant_query, range_query, label_values, series_metadata 4 read
Targets Prometheus list_targets, target_scrape_health, dropped_targets 3 read
Status Prometheus prometheus_config_status, prometheus_tsdb_status 2 read
Rules Prometheus list_rules, rule_health 2 read
Alerts Prometheus/Alertmanager firing_alerts, pending_alerts, alertmanager_alerts, list_silences 4 read
Grafana Grafana list_dashboards, get_dashboard, list_datasources, datasource_health, list_folders 5 read
Overview both observability_overview 1 read
Analyses Prometheus firing_alert_rca, target_scrape_health_analysis, alert_noise_and_flap_analysis 3 read
Writes Alertmanager create_silence, expire_silence 2 write (med)
Grafana create_annotation 1 write (low)
Grafana update_dashboard 1 write (med)
Grafana delete_dashboard 1 write (high)
Prometheus reload_prometheus_config 1 write (med)

The CLI exposes a convenience subset; the full 30-tool surface is via the MCP server.

Quick start

uv tool install observability-aiops          # or: pipx install observability-aiops
observability-aiops init                     # wizard: pick platform (prometheus/grafana) + store the token (encrypted)
observability-aiops doctor                   # verify config, secrets, connectivity
observability-aiops overview                 # snapshot: firing alerts + targets up/down + rules erroring
observability-aiops query instant 'up'       # run a PromQL instant query
observability-aiops alert rca                # root-cause the firing alerts

Run as an MCP server (stdio):

export OBSERVABILITY_AIOPS_MASTER_PASSWORD=...   # unlock secrets non-interactively
observability-aiops mcp

Governance

Every MCP tool passes through the bundled @governed_tool harness:

  • Audit — every call (params, result, status, duration, risk tier, approver, rationale) is logged to ~/.observability-aiops/audit.db (relocatable via OBSERVABILITY_AIOPS_HOME).
  • Budget / runaway guard — token and call budgets trip a circuit breaker on tight poll/retry loops.
  • Risk tiers — graduated autonomy; high-risk ops (delete_dashboard) can require a named approver (OBSERVABILITY_AUDIT_APPROVED_BY / OBSERVABILITY_AUDIT_RATIONALE).
  • Undo recording — reversible writes capture the real before-state and record an inverse descriptor (create_silence→expire, update_dashboard/ delete_dashboard→restore the captured prior model).

Supported scope & limitations

  • Platforms: Prometheus HTTP API (+ a companion Alertmanager) and Grafana HTTP API. Hosted/SaaS monitoring suites (Datadog, New Relic, enterprise NMS) are deliberately out of scope for this tool.
  • Preview / mock-only. All behaviour is validated against mocked Prometheus/Grafana/Alertmanager responses. Both are free and open-source and trivial to stand up in a lab (docker run prom/prometheus, grafana/grafana), so observability-aiops doctor is the fastest live check (Prometheus /api/v1/status/buildinfo, Grafana /api/health).

Missing a capability?

Want another read, an analysis tuned, or a platform capability that isn't here? Open an issue or a PR — feedback and contributions are welcome.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

observability_aiops-0.1.1.tar.gz (132.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

observability_aiops-0.1.1-py3-none-any.whl (83.2 kB view details)

Uploaded Python 3

File details

Details for the file observability_aiops-0.1.1.tar.gz.

File metadata

  • Download URL: observability_aiops-0.1.1.tar.gz
  • Upload date:
  • Size: 132.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? Yes
  • Uploaded via: twine/6.1.0 CPython/3.13.12

File hashes

Hashes for observability_aiops-0.1.1.tar.gz
Algorithm Hash digest
SHA256 e05014e56bcef4eb022171f178e9bd5fa586d9db8dfe41d2e292c6a9e6828d86
MD5 09ffd2838a133140ab61d8529f760207
BLAKE2b-256 d423271dfc6021e97411378752307ec0101d7ce99e22f069f20d76c052bceb8d

See more details on using hashes here.

Provenance

The following attestation bundles were made for observability_aiops-0.1.1.tar.gz:

Publisher: publish.yml on AIops-tools/Observability-AIops

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

File details

Details for the file observability_aiops-0.1.1-py3-none-any.whl.

File metadata

File hashes

Hashes for observability_aiops-0.1.1-py3-none-any.whl
Algorithm Hash digest
SHA256 50c0bbaa15fd8a00ad40b3a9c341bb0ec7961a25e65b51f5eebe0acd932e9d7b
MD5 12444c619bc4028a06a0bad928c8ea65
BLAKE2b-256 59891991617ffbba55dd9c0e5b13476aa5d34090ff6c3756705fdcacf2435d7e

See more details on using hashes here.

Provenance

The following attestation bundles were made for observability_aiops-0.1.1-py3-none-any.whl:

Publisher: publish.yml on AIops-tools/Observability-AIops

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page