ninoxai

ninoxai subcommand

ninoxai (also known as Nightwatch) is an open-source AI SRE layer that sits above monitoring systems such as Prometheus, Checkmk, Icinga2, Zabbix, and generic webhooks. It ingests non-OK alerts, groups related noise into incidents, scores flaky checks, and proposes tuning recommendations.The tool is read-only by design. It observes live systems through typed allowlisted capabilities for Docker, Kubernetes, AWS, Grafana, GitHub, Git mirrors, and host metrics, then forms a root-cause hypothesis and suggests fixes for human approval. It does not execute remediation, acknowledge alerts, or write back to production.A template LLM mode works fully offline with no API keys for summaries and rule-based recommendations. Connecting Anthropic, OpenAI, Mistral, or a local model enables the investigator agent.Distributed ninox runners can expose read-only capabilities from environments the central brain cannot reach directly. Runners dial out over outbound-only connections and keep credentials local.

serve

Start the dashboard and API on port 8765 by default

Load alerts from JSON or CSV

Normalize, cluster, score noise, and rebuild recommendations

Create synthetic alert data for offline demos

Run the read-only AI investigator against an incident

.env

Sets NINOXAI_SECRET_KEY and optional LLM provider credentials

Runs the dashboard, database, and optional embedding services together

Stores encrypted credentials for monitoring connectors

Remote LLM providers receive redacted alert and investigation context. Use the offline template provider if no data should leave the host.Connector adapters are read-only, but misconfigured credentials can still expose sensitive infrastructure metadata to the dashboard and investigator.Sandbox verification features require Docker and are marked beta.

docker(1), kubectl(1), python(1)