Understanding AI Insights

The AI Insights tab is a powerful feature within the CI Details view that provides deep analysis, recommendations, and security assessments for your Configuration Items (CIs). Powered by advanced AI models (Claude 4.5 series via AWS Bedrock), it transforms raw scan data into actionable intelligence.

How Insights are Generated

The generation of AI Insights is a sophisticated backend process designed to extract meaningful information while ensuring data privacy and security.

1. Data Collection: The process begins with the raw scan data collected from a CI. This can include system information, hardware specifications, network configurations, installed software, running processes, and more.

2. Data Cleansing: Before analysis, the system automatically cleanses the data to remove sensitive information. For example, details of user accounts are replaced with a simple count to protect privacy.

3. AI Analysis Prompt: A detailed prompt is constructed, instructing the AI model to act as an expert IT systems analyst. The prompt guides the AI to analyze the data from multiple perspectives. The backend service responsible for this is backend/services/scanProcessors/ciai_insights.js.

4. AI Model Interaction: The cleansed data and the detailed prompt are sent to the Claude AI model via AWS Bedrock. The model processes the information and generates a comprehensive analysis.

5. Storing Insights: The generated insights are then stored in the database, linked to the specific CI. This allows the information to be retrieved quickly without needing to regenerate it every time the tab is viewed.

What is Generated?

The AI engine is prompted to provide a multi-faceted analysis, which is then structured and presented in the UI. The analysis covers several key areas:

• Security Analysis: Identifies potential vulnerabilities, security misconfigurations, outdated software with security implications, and user account security concerns.
• Infrastructure Assessment: Evaluates hardware specifications, resource allocation, potential bottlenecks, performance considerations, and capacity planning recommendations.
• Software Inventory Analysis: Reviews key software components, version management concerns, potential license compliance issues, and redundant or conflicting software.
• Network Connectivity: Analyzes important network dependencies, communication patterns, and potential network bottlenecks.
• Configuration Review: Highlights notable system configurations, optimization opportunities, and compliance considerations.

The AI Insights Tab Interface

The frontend component, frontend/src/components/CMDB/AIInsightsTab.tsx, renders this complex data in a user-friendly and interactive interface.

Figure 1: The tabbed interface showing Advanced Analysis, Compliance, and Security.

Key UI Components and Metrics

• Tabbed Views: The interface is organized into three main tabs:

  • Advanced Analysis: Provides a detailed breakdown of the CI's configuration, relationships, and potential issues.
  • Compliance: Assesses the CI against various compliance standards like SOX, HIPAA, and PCI-DSS.
  • Security: Focuses on detecting and reporting potential security vulnerabilities.

• Analysis Sections: Within the "Advanced Analysis" tab, insights are broken down into categorized cards or an accordion view for easy digestion:

  • Overview: A high-level summary of the CI's state.
  • Key Relationships: Lists critical connections to other CIs, highlighting their importance.
  • Recommendations: Actionable suggestions for improvement, optimization, or remediation.
  • Risk Factors: Potential risks associated with the CI's configuration or environment.
  • Anomalies Detected: Any unusual or unexpected findings from the scan data.

  Figure 2: Detailed analysis sections for a CI.

• Interactivity:

  • Regenerate Insights: A button allows users to trigger a new analysis if the CI's data has changed.
  • Display Modes: Users can switch between a "cards" view and a more compact "accordion" view.
  • Connection Status: The UI intelligently checks for backend and AI service connectivity and provides informative error messages if services are unavailable.

  Figure 3: An example of the Security and Compliance analysis.

By combining a powerful backend AI process with a thoughtful and interactive frontend, the AI Insights feature provides a deep, contextual understanding of your IT infrastructure, helping you make more informed decisions.