This community innovation has been accepted at the 2026 DHIS2 Annual Conference as a physical poster.
AI-Powered Security & Troubleshooting for DHIS2
DHIS2 operations teams face growing challenges managing complex infrastructure stacks while ensuring system security and uptime. Manual log analysis is time-consuming, and staying current with security vulnerabilities across multiple components (DHIS2, Tomcat, PostgreSQL, Nginx, Operating System) requires constant vigilance. We have developed an AI/ML-powered platform addressing three critical needs: Automated Troubleshooting: The service processes error logs from DHIS2, Tomcat, PostgreSQL, and Nginx. Administrators can submit log excerpts, screenshots, or problem descriptions. An LLM analyzes inputs and returns verified solutions, prioritizing official sources including DHIS2 Jira, Community of Practice, and official documentation, and optionally an organization’s curated internal knowledge (CMDB, ticketing/ITSM history, runbooks, and vetted internal PDFs) to capture site-specific configuration and past resolutions. Vulnerability Watchdog: The service sends a reference date and system component versions to an LLM that orchestrates queries to GitHub Security Advisories (dhis2/dhis2-core), CVE databases, and official advisories from Nginx, Tomcat, PostgreSQL, and Operating System and returns a consolidated vulnerability matrix with severity ratings, affected versions, and recommended patches or workarounds. Anomaly Detection: The system monitors logs for security threats including unauthorized access attempts, unusual server loads, suspicious API usage and potential cyberattacks. Machine learning models identify patterns indicative of threats, enabling proactive response. All findings are communicated through automated alerts (email, Slack, Teams) , enabling rapid response. This solution demonstrates how AI can enhance DHIS2 infrastructure management ensuring implementations stay ahead of security exploits and application issues, strengthening security posture and reducing administrative burden.
Primary Author: Daniel Castelao Suarez
Keywords:
DHIS2, troubleshooting, vulnerabilities, anomaly detection, security, CVE, monitoring, AI, ML
1 Like