Context

You are a Linux system administrator responsible for investigating unusual activity on a server.

Users have reported:

  • Slow system performance
  • Possible SSH brute-force attempts
  • Disk usage increasing unexpectedly

Your goal is to use AI as an assistant to investigate the system and develop automation scripts that help diagnose and mitigate the issue.

However, AI output must always be verified manually before execution.


Lab Objectives

By the end of this lab you will:

  • Use AI to assist with system diagnostics
  • Analyze authentication logs
  • Generate and refine Bash scripts
  • Detect unsafe or incorrect AI-generated commands
  • Build a reusable system diagnostic script

Rules

You may use an AI assistant to:

  • Generate commands
  • Explain commands
  • Draft scripts
  • Review scripts

However:

  • You must verify every command
  • You must test in a safe environment
  • You must document AI mistakes

Environment Assumptions

Assume the system contains:

/var/log/auth.log
/var/log/syslog
/home
/tmp
/etc

Your scripts must run on a standard Linux system.


Part 1 – System Reconnaissance

Your first task is to assess the state of the system.

Use AI to help you discover commands that answer the following questions:

Task 1

Identify the top 10 directories consuming the most disk space.

Expected tools may include:

  • du
  • sort
  • head

Document:

  • The prompt you used
  • The command generated by AI
  • Any corrections you made

Task 2

List the files larger than 200MB in /home.

Requirements:

  • Sort by size
  • Do not delete anything
  • Use human-readable output

Task 3

Check current CPU and memory usage.

Expected commands may include:

top
htop
free
vmstat

Explain the output in your report.


Part 2 – Security Investigation

Users suspect SSH brute-force attacks.

Analyze /var/log/auth.log.


Task 4 – Failed Login Attempts

Extract all failed SSH login attempts.

Example pattern:

Failed password

Tasks:

  • Count failed attempts
  • Identify the most common attacking IP addresses

Your output should produce something like:

25 attempts - 192.168.1.20
18 attempts - 10.0.0.8
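
An added example, not part of the original lab handout: one way to produce the Task 4 count, run over constructed log lines. It covers two cases a plain line count of "Failed password" gets wrong: syslog "message repeated N times" entries, and a client-supplied username that contains the word "from". The function names sample_auth_log and count_failed_by_ip, the host name and the sample addresses are assumptions made for this example.

```bash
#!/bin/bash
# Added example: count failed SSH password attempts per source IP.

# Constructed sample lines in auth.log syslog format (not from a real host).
sample_auth_log() {
    cat <<'EOF'
Mar  3 10:15:01 srv sshd[2201]: Failed password for root from 192.168.1.20 port 50122 ssh2
Mar  3 10:15:03 srv sshd[2201]: message repeated 2 times: [ Failed password for root from 192.168.1.20 port 50122 ssh2]
Mar  3 10:15:09 srv sshd[2207]: Failed password for invalid user admin from 10.0.0.8 port 41811 ssh2
Mar  3 10:15:12 srv sshd[2210]: Failed password for invalid user x from 10.0.0.8 from 192.168.1.20 port 50130 ssh2
Mar  3 10:16:00 srv sshd[2215]: Accepted password for alice from 10.0.0.8 port 41900 ssh2
Mar  3 10:16:05 srv sudo: pam_unix(sudo:auth): authentication failure; user=alice
EOF
}

# count_failed_by_ip FILE
# Prints "N attempts - IP", busiest source first; returns 1 if FILE is unreadable.
count_failed_by_ip() {
    local log_file="$1"
    if [ ! -r "$log_file" ]; then
        echo "cannot read log file: $log_file" >&2
        return 1
    fi
    awk '
        /sshd[^ ]*\[[0-9]+\]:/ && /Failed password for / {
            # Syslog can fold duplicates into "message repeated N times: [ ... ]";
            # counting lines alone would record those N attempts as one.
            n = 1
            if (match($0, /message repeated [0-9]+ times/)) {
                split(substr($0, RSTART, RLENGTH), parts, " ")
                n = parts[3]
            }
            # Take the address after the LAST "from": the username is
            # client-supplied text and must not be able to shift the field.
            ip = ""
            for (i = 1; i < NF; i++) if ($i == "from") ip = $(i + 1)
            if (ip != "") count[ip] += n
        }
        END { for (ip in count) printf "%d attempts - %s\n", count[ip], ip }
    ' "$log_file" | LC_ALL=C sort -k1,1nr -k4,4
}

# Demo on the constructed sample; on a real host pass /var/log/auth.log instead.
demo_log="$(mktemp)"
sample_auth_log > "$demo_log"
count_failed_by_ip "$demo_log"
rm -f "$demo_log"
```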

Task 5 – Successful Logins

Find:

  • All successful SSH logins
  • Associated usernames
  • Source IP addresses

Explain any suspicious patterns.


Part 3 – AI-Assisted Script Development

You will now build a system diagnostic script.

Your script should automate several checks.


Script Requirements

Create a script named:

system_diagnostic.sh

The script must:

  1. Display disk usage summary
  2. Show top 5 largest directories in /var
  3. Count failed SSH login attempts
  4. Show current memory usage
  5. Log results to a file

Example log file:

diagnostic_report.log

Constraints

Your script must:

  • Use #!/bin/bash
  • Handle missing log files gracefully
  • Quote variables correctly
  • Use clear output formatting

Example Output

===== System Diagnostic =====

Disk Usage:
/dev/sda1  78% used

Top directories in /var:

1. /var/log
2. /var/lib
   ...

Failed SSH attempts: 52

Memory usage:
Used: 3.1GB
Free: 1.2GB

Report saved to diagnostic_report.log

Part 4 – Script Review Using AI

After writing your script:

Ask AI to review it with the prompt:

Review this bash script for:

* security vulnerabilities
* quoting issues
* error handling problems
* possible improvements

Then:

  • Apply improvements
  • Explain what AI detected

Part 5 – Detect AI Mistakes

AI is not always correct.

Document at least two mistakes AI made, such as:

  • invented flags
  • unsafe commands
  • inefficient pipelines
  • incorrect assumptions about logs

Explain how you corrected them.


Bonus Challenge (Advanced)

Extend your script so that it also detects world-writable files.

Hint:

find / -perm -002

But consider:

  • performance
  • safe directories to scan

Deliverables

Submit:

  1. Your final script
  2. A short report including:
       • prompts used
       • commands generated
       • corrections applied
       • AI mistakes detected
  3. Sample output of the script

Evaluation Criteria

Criteria                  Points
Command correctness       25
Script functionality      25
Error handling            20
AI usage documentation    15
Security awareness        15

Total: 100 points


Final Reflection

Answer briefly:

  1. In which tasks was AI most helpful?
  2. Where was AI unreliable?
  3. How should sysadmins safely integrate AI in their workflow?