Skip to main content

๐Ÿฉบ VPS Vital Signs Monitor โ€” read-only SSH diagnostics with root-cause analysis

Project description

๐Ÿฉบ vitals-vps

Read-only SSH server diagnostics with plain-English root-cause analysis.

PyPI Version Python Support License: MIT


Connect to any Linux VPS with your root credentials and get an instant, full-colour report on what's going wrong. vitals-vps acts as an automated system administrator, identifying CPU spikes, active brute-force attacks, memory pressure, disk exhaustion, and zombie processesโ€”and gives you the exact commands to fix them.

โœ… 100% Safe & Read-Only: Every command is strictly filtered through a safety blocklist. No files are created, modified, or deleted. No services are restarted.


๐Ÿš€ Installation

Install globally via pip:

pip install vitals-vps

(Requires Python 3.8+, paramiko, and rich)


๐Ÿ’ป Usage

You can use vitals-vps straight from your terminal or programmatically via Python.

Terminal CLI

# Prompt for password (recommended)
vitals 192.168.1.10 --ask-pass

# Use an SSH key instead of a password
vitals 192.168.1.10 --key ~/.ssh/id_rsa

# Non-standard port or user
vitals 192.168.1.10 --port 2222 --user ubuntu --ask-pass

# Verbose mode: Also show raw process lists, log excerpts, and port tables
vitals 192.168.1.10 --ask-pass --verbose

Python API (Jupyter / Scripts / Google Colab)

Perfect for integrating into automated monitoring dashboards or running from Jupyter Notebooks.

import vitals

# Print the full styled report to your screen
vitals.info("192.168.1.10", password="mypassword")

# Use key-based authentication
vitals.info("192.168.1.10", user="ubuntu", key="~/.ssh/id_rsa")

# Silent execution: Returns a list of Finding objects for automation
findings = vitals.scan("192.168.1.10", password="mypassword")

critical_issues = [f for f in findings if f.severity.value == "critical"]
for issue in critical_issues:
    print(f"Alert: {issue.title}")

๐Ÿ” What It Checks

Category Diagnostic Targets
โšก CPU Load average vs core count, CPU utilization %, I/O wait (iowait), runaway background processes.
๐Ÿง  Memory RAM allocation, available memory, swap usage, and recent OOM (Out-of-Memory) killer events.
๐Ÿ’ฝ Disk Partitions > 80% full, inode exhaustion, largest hidden directories, disk I/O bottlenecks.
๐ŸŒ Network Connection floods, top remote IPs, TIME_WAIT socket buildup, and open listening ports.
๐Ÿ›ก๏ธ Security SSH brute-force attacks, top attacking IPs, fail2ban status, firewall presence, active sessions, and unauthorized UID-0 accounts.
โš™๏ธ Processes Zombie processes, D-state (I/O-blocked) processes, and failed systemd services.
๐Ÿ“œ Logs dmesg kernel errors, systemd journal errors, and web server / database error logs.

๐Ÿ“Š Sample Output

โ•ญโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฎ
โ”‚             System Identity                 โ”‚
โ”‚  Host     my-server.example.com            โ”‚
โ”‚  OS       Ubuntu 22.04.3 LTS               โ”‚
โ”‚  Kernel   5.15.0-89-generic                โ”‚
โ”‚  Uptime   up 12 days, 4 hours              โ”‚
โ”‚  CPU      Intel Xeon E5-2670 v2            โ”‚
โ”‚  Cores    4                                โ”‚
โ•ฐโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ•ฏ

โ”Œโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”
โ”‚         Diagnostic Scorecard                 โ”‚
โ”‚  Category   Status       Findings            โ”‚
โ”‚  CPU        โ— CRITICAL   1 issue(s)          โ”‚
โ”‚  Memory     โ— CRITICAL   2 issue(s)          โ”‚
โ”‚  Disk       โœ… OK         All clear           โ”‚
โ”‚  Network    โš  WARNING    1 issue(s)          โ”‚
โ”‚  Security   โ— CRITICAL   2 issue(s)          โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜

โ”€โ”€ CPU โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€
๐Ÿ”ด Extreme load average: 8.4 on 4 core(s)
  ๐Ÿ“‹ 1-min load=8.4, 5-min=6.2, 15-min=4.1. With 4 cores,
     the system has ~2x more runnable work than it can handle.
  ๐Ÿ’ก What to do: Identify the runaway process(es)โ€ฆ
  ๐Ÿ“Œ Commands:
     ps aux --sort=-%cpu | head -15
     top -b -n1 | head -20

โ”€โ”€ Security โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€
๐Ÿ”ด Active brute-force attack: 47,312 SSH login failures
  ๐Ÿ“‹ 47,312 failed SSH login attempts found in auth log.
  ๐Ÿ’ก What to do:
     1. Install fail2ban immediately to auto-ban attackers.
     2. Change SSH to a non-standard port (e.g. 2222).
     3. Disable password login โ€” use SSH keys only.
  ๐Ÿ“Œ Commands:
     apt install fail2ban -y
     systemctl enable --now fail2ban

๐Ÿ”’ Safety Guarantees

  • Hardware Level Guard: Every SSH command runs through a rigorous blocklist filter. If a command string contains anything resembling a write, delete, kill, or install operation, it immediately raises a ValueError before sending it to your server.
  • No Artifacts Left Behind: No temporary data is written to disk. The tool runs entirely in memory, prints the results, and cleanly closes the SSH connection.
  • Secure Key Management: The SSH client leverages AutoAddPolicy for seamless connections, but strictly logs host keys to prevent man-in-the-middle attacks.

๐Ÿ—บ๏ธ Roadmap

  • --output json flag for piping directly into CI/CD or alerting pipelines
  • --watch mode: re-scan every N seconds for live monitoring
  • HTML report export for client delivery
  • Docker container support (scan via docker exec)
  • Baseline comparison mode: diff current findings against a historical baseline

โš–๏ธ License

This project is licensed under the MIT License.

You are free to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software in both private and commercial environments, provided that the original copyright notice and permission notice are included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

vitals_vps-0.2.3.tar.gz (38.8 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

vitals_vps-0.2.3-py3-none-any.whl (36.2 kB view details)

Uploaded Python 3

File details

Details for the file vitals_vps-0.2.3.tar.gz.

File metadata

  • Download URL: vitals_vps-0.2.3.tar.gz
  • Upload date:
  • Size: 38.8 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.10

File hashes

Hashes for vitals_vps-0.2.3.tar.gz
Algorithm Hash digest
SHA256 11c3938af7d82525e2843d8c72e92fde6fdeec2e39eeb0d6974c38ee2038d3b8
MD5 d83a5f85b18461433f7f7c05d051bf8a
BLAKE2b-256 3fa7d3d39249d9358af8145c4c85beab5bf2437e4a1430f120d5513d76ce1e4c

See more details on using hashes here.

File details

Details for the file vitals_vps-0.2.3-py3-none-any.whl.

File metadata

  • Download URL: vitals_vps-0.2.3-py3-none-any.whl
  • Upload date:
  • Size: 36.2 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.12.10

File hashes

Hashes for vitals_vps-0.2.3-py3-none-any.whl
Algorithm Hash digest
SHA256 e8572de351924c02ae5871fc165853f61ae4a02fdc3c60f50b4faf92d5423b24
MD5 d7c76aa73fd9be61ba2ca8e3f9ba40e7
BLAKE2b-256 dc41ca1e9ba3bf6ce2912b601f5c5731fc6e543350b090c9d032ad5c45fe80dc

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page