turnstone

History

pyr0ball 0693e1fd54 feat: anomaly scoring pipeline (#10 ) - Add app/services/anomaly.py: batch scorer using HF text-classification pipeline; rewrites anomaly_score/anomaly_label/anomaly_scored_at on log_entries; inserts high-confidence hits into detections table - Add app/tasks/anomaly_scorer.py: background task (same shape as glean_scheduler); triggered after each glean cycle when TURNSTONE_ANOMALY_MODEL is set - DB schema: add anomaly_score/anomaly_label/anomaly_scored_at columns to log_entries (idempotent ALTER TABLE migration); add detections table - Wire scorer into scheduler_loop and glean_scheduler.run_once; no-op when model env var is empty (safe to leave unconfigured) - REST endpoints: GET/POST /api/anomaly/status, /api/anomaly/run, GET /api/anomaly/detections, POST /api/anomaly/detections/{id}/acknowledge - Reuses Hybrid-BERT label map from diagnose/classifier.py; works with any HF text-classification model - 12 new tests; 406/406 passing Closes: #10		2026-06-09 11:15:13 -07:00
..
context	feat: dual-backend SQLite/Postgres + multi-tenant source namespacing	2026-06-08 08:37:54 -07:00
__init__.py	feat: initial Turnstone POC — ingest, FTS search, MCP server	2026-05-08 12:12:34 -07:00
test_anomaly.py	feat: anomaly scoring pipeline (#10 )	2026-06-09 11:15:13 -07:00
test_blocklist_endpoints.py	Merge feat/32-domain-view: domain-view mapping for patterns and diagnose output (#32 )	2026-06-01 20:01:19 -07:00
test_diagnose_classifier.py	feat(classifier): add Hybrid-BERT label mapping shim (#41 )	2026-06-01 16:20:31 -07:00
test_diagnose_hypothesizer.py	fix: defensive coercion for LLM confidence and cluster fields in hypothesizer	2026-05-25 14:00:30 -07:00
test_diagnose_pipeline.py	feat: Stage 5 synthesizer + pipeline orchestrator + feature flag wiring (issue #29 )	2026-05-25 14:56:25 -07:00
test_diagnose_suppressor.py	fix: invert suppress_threshold semantics to similarity_threshold in FalsePositiveSuppressor	2026-05-25 18:58:52 -07:00
test_diagnose_synthesizer.py	feat: Stage 5 synthesizer + pipeline orchestrator + feature flag wiring (issue #29 )	2026-05-25 14:56:25 -07:00
test_diagnose_timeline.py	feat: Stage 1 — TimelineReconstructor for multi-agent diagnose pipeline (issue #29 )	2026-05-25 12:54:15 -07:00
test_export_corpus.py	feat: periodic corpus export — push ERROR/CRITICAL entries and incidents to Avocet	2026-05-11 17:08:35 -07:00
test_glean_dmesg.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_glean_fingerprint.py	feat: dual-backend SQLite/Postgres + multi-tenant source namespacing	2026-06-08 08:37:54 -07:00
test_glean_pipeline_ssh.py	feat: SSH remote host glean — transport layer and pipeline integration (closes #22 , backend)	2026-05-20 23:03:13 -07:00
test_glean_qbittorrent.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_glean_ssh.py	feat: SSH remote host glean — transport layer and pipeline integration (closes #22 , backend)	2026-05-20 23:03:13 -07:00
test_glean_syslog.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_glean_tautulli.py	feat: domain-view mapping for patterns and diagnose output (#32 )	2026-06-01 19:57:16 -07:00
test_glean_wazuh.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_hybrid_search.py	feat: dual-backend SQLite/Postgres + multi-tenant source namespacing	2026-06-08 08:37:54 -07:00
test_service_blocklist.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_service_pihole.py	fix(blocklist): validate _v6_auth session JSON, add auth-failure test	2026-05-15 21:03:03 -07:00
test_services_diagnose.py	refactor: rename ingest → glean throughout codebase	2026-05-20 23:02:55 -07:00
test_services_llm.py	feat: switch LLM backend to OpenAI-compat; add cf-orch remote inference support	2026-05-12 12:58:38 -07:00
test_watch_watcher.py	feat: add file tail source type; configure example-node watchers	2026-05-11 15:44:10 -07:00