AI-Powered Security & Troubleshooting for DHIS2

This community innovation has been accepted at the 2026 DHIS2 Annual Conference as a physical poster.


AI-Powered Security & Troubleshooting for DHIS2

DHIS2 operations teams face growing challenges managing complex infrastructure stacks while ensuring system security and uptime. Manual log analysis is time-consuming, and staying current with security vulnerabilities across multiple components (DHIS2, Tomcat, PostgreSQL, Nginx, Operating System) requires constant vigilance. We have developed an AI/ML-powered platform addressing three critical needs: Automated Troubleshooting: The service processes error logs from DHIS2, Tomcat, PostgreSQL, and Nginx. Administrators can submit log excerpts, screenshots, or problem descriptions. An LLM analyzes inputs and returns verified solutions, prioritizing official sources including DHIS2 Jira, Community of Practice, and official documentation, and optionally an organization’s curated internal knowledge (CMDB, ticketing/ITSM history, runbooks, and vetted internal PDFs) to capture site-specific configuration and past resolutions. Vulnerability Watchdog: The service sends a reference date and system component versions to an LLM that orchestrates queries to GitHub Security Advisories (dhis2/dhis2-core), CVE databases, and official advisories from Nginx, Tomcat, PostgreSQL, and Operating System and returns a consolidated vulnerability matrix with severity ratings, affected versions, and recommended patches or workarounds. Anomaly Detection: The system monitors logs for security threats including unauthorized access attempts, unusual server loads, suspicious API usage and potential cyberattacks. Machine learning models identify patterns indicative of threats, enabling proactive response. All findings are communicated through automated alerts (email, Slack, Teams) , enabling rapid response. This solution demonstrates how AI can enhance DHIS2 infrastructure management ensuring implementations stay ahead of security exploits and application issues, strengthening security posture and reducing administrative burden.

Primary Author: Daniel Castelao Suarez


Keywords:
DHIS2, troubleshooting, vulnerabilities, anomaly detection, security, CVE, monitoring, AI, ML

You can check the poster that will be presented during dac2026
If you have any questions/comments/ideas, please ping @dcastelao

Hi @dcastelao !

Excellent initiative. Combining AI-powered troubleshooting, vulnerability monitoring, and anomaly detection can significantly strengthen DHIS2 operations while reducing the burden on system administrators. The focus on trusted sources and proactive security monitoring makes this particularly valuable for large-scale health information systems.

Very impressive

Very relevant

Intresting but quite complex. Will any GPT work or any special requirement?

@dcastelao This is vey impressive innovation kudos

Good approach

Interesting to get vulnerability flags on the fly. Progresive scanning of vulnerabiliies and instand notifications serves a great deal

Interested in this for server management

Hi everyone,

Thank you so much for the comments and interest in this work.
After an intense and productive week at DAC 2026, we are planning to share more material in the Community of Practice over the coming days and weeks, including additional technical details, resources, example reports, demo videos, … We’re also hoping to present it at an upcoming UiO Developers Meet-up and/or Server Admin Meet-up.

@Kuber_Adhikari, regarding your question: There’s no dependency on a specific provider. We’ve developed our work by deploying models locally to keep the data on-premises, although it could be integrated with models via API. However, the important thing is the MCP/tools layer and the reliable evidence that supports it, not just the model itself. LLM helps with summaries, explanations, and translations. We are currently using qwen2.5:14b running locally. Any other alternative must be tested to verify that it gives us the expected results.

We’ll keep this thread updated and we would be very happy to gather ideas and feedback from the community.