Good old software engineering has long relied on Bash scripts to handle small but critical activities. Whether it is scheduling cron jobs, managing files, or processes of automating system processes, Bash has remained a brutal simple, fast, and reliable tool for each engineer. But with increasing AI revolution – I was experimenting with a new type of automation. One that does not depend on hard-coded logic, but rather Reasoning. LLMs that can not only perform as much of the same functions as the bash scripts, but do so as the technical minutiae of the script prevents me.
This post explores a question that I truly curious about: Can large language models (LLMs) or even replace traditional Bash scripts supplement real-world infrastructure activities? I was trying to test it with some of my own tools – and honestly, I was surprised at how well an LLM could interpret the logs and surfaces of significant views, with zero script.
Let's get a simple use case to show – extract Last 10 critical error entries from a log log (eg. /var/log/syslog) and generate a Summary of what went wrong.
The traditional way: bash script still stone
A simple bash script that can be used to perform the task at hand:
#!/bin/bash
grep -iE "error|fail" /var/log/syslog | tail -n 10
If we can break the line above,
- grep: searches text using patterns
- -i: case-insensitive matching (matches "ERROR", "error", etc.)
- -E: enables extended regex (lets you use | as "OR")
- "error|fail": matches lines that contain either "error" or "fail"
- /var/log/syslog: the file being searched
- | tail -n 10: pipes the results into tail, which returns the last 10 lines
The result of the above command will display 10 latest log lines containing “error” or “fail”. (As our expected result from the problem statement)
Now lets view an instance of output
Apr 21 10:15:01 myhost CRON[31582]: (root) CMD (run-parts /etc/cron.hourly)
Apr 21 10:15:02 myhost systemd[1]: Failed to start Network Time Synchronization.
Apr 21 10:16:05 myhost kernel: [12345.67] CPU0: Core temperature above threshold, cpu clock throttled
Apr 21 10:18:11 myhost systemd[1]: Starting Cleanup of Temporary Directories...
Apr 21 10:18:12 myhost systemd[1]: Finished Cleanup of Temporary Directories.
Apr 21 10:20:43 myhost sshd[31612]: Failed password for invalid user admin from 192.168.1.5 port 60522 ssh2
Apr 21 10:21:00 myhost sudo[31645]: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/0 ruser=user rhost= user=user
Apr 21 10:21:05 myhost systemd[1]: Failed to start User Manager for UID 1001.
Apr 21 10:22:34 myhost app[31710]: Error loading configuration: file not found
Apr 21 10:23:15 myhost docker[31750]: container failed to start due to missing environment variable
From the logs above, we will find many issues about systemd processes that have not started, the overheating warnings, app configs and container starting issues. With a bash script, the processes stop raw data. It is up-to users to understand and intercept the output, perform a root cause and repair analysis. Summary,
- Output is no context
- The output is no category
- There is no explanation of what is next
The Ai Alternative: Using LLMS for Log Summating
Here's where the LLMs are entering! What if we could add another step to this process to make it earlier for a user to understand the meaning of these mistakes and guide them with fixing steps?
In this example, I used a simple summarization API from Cohere. To run this, you will need to create an API key from CoHere (or a similar LLM provider) and assign it to coere_api_key.
import cohere
cohere_api_key="Enter key here"
co = cohere.Client(cohere_api_key)
log_text = """
Apr 21 10:15:01 myhost CRON[31582]: (root) CMD (run-parts /etc/cron.hourly)
Apr 21 10:15:02 myhost systemd[1]: Failed to start Network Time Synchronization.
Apr 21 10:16:05 myhost kernel: [12345.67] CPU0: Core temperature above threshold, cpu clock throttled
Apr 21 10:18:11 myhost systemd[1]: Starting Cleanup of Temporary Directories...
Apr 21 10:18:12 myhost systemd[1]: Finished Cleanup of Temporary Directories.
Apr 21 10:20:43 myhost sshd[31612]: Failed password for invalid user admin from 192.168.1.5 port 60522 ssh2
Apr 21 10:21:00 myhost sudo[31645]: pam_unix(sudo:auth): authentication failure; logname= uid=1000 euid=0 tty=/dev/pts/0 ruser=user rhost= user=user
Apr 21 10:21:05 myhost systemd[1]: Failed to start User Manager for UID 1001.
Apr 21 10:22:34 myhost app[31710]: Error loading configuration: file not found
Apr 21 10:23:15 myhost docker[31750]: container failed to start due to missing environment variable
"""
prompt = f"""
You are an AI system assistant. Here are recent log entries:
{log_text}
Summarize:
1. What went wrong
2. Any recurring or serious issues
3. Suggested next steps
"""
response = co.generate(
model="command-xlarge",
prompt=prompt,
max_tokens=200
)
print(response.generations[0].text)
Let's look at the output from the above mentioned program:
The recent log entries indicate several issues:
1. There are errors and failures mentioned across different services, indicating some system instability. These include:
- Failed attempts to authenticate invalid users for SSH and sudo.
- cron and systemd errors starting the Network Time Synchronization and Cleanup of Temporary Directories.
- Failure to start the User Manager for UID 1001.
- An application error loading the configuration file.
- A Docker container failure due to a missing environment variable.
2. Based on the log entries, no single issue is particularly recurring, but several different errors are frequent enough to be cause for concern.
3. It is suggested to investigate and address the specific causes of the aforementioned issues to ensure the system functions optimally and securely. This may include reviewing authentication settings, checking system services configurations, verifying file locations for the configuration file, and inspecting the Docker container settings. Also, it is important to consider if any messages are explicitly highlighted across the logs,
Now, let's level up the prompt a bit to get a structured output, along with the end of Chat API.
response = co.chat(
model="command-r",
message=f"""
You are a system assistant. Given the logs below, extract all relevant issues and organize them into a table with these three columns:
1. Issue
2. Severity (Low / Medium / High / Critical)
3. Troubleshooting Recommendation""")
Here is the result generated by LLM:
|
Issue |
Kalubha |
Adjustment |
|---|---|---|
|
Network Time Failed to start to start |
Moderate |
Check system logs for any timing or failed network requests and ensure time zone settings are correct. |
|
CPU temperature above the threshold, the CPU clock is that -throttled |
High |
Monitor the CPU temperature and consider the addition of CPU cooling solutions. CPU performance can be affected. |
|
Failed password attempt from improper user |
Low |
No immediate action is required, but monitor the weakening activity. It is recommended to ensure strong passwords and enabling two-factor validation. |
|
Validation Failure for the user |
Low |
Ensure that the user permissions and validation procedures are set up correctly. Check for typos or misconceptions. |
|
User manager for UID 1001 failed to start |
Moderate |
Inspect the specific error message and check if the user's account is active and existing. |
|
Loading Loading: File is not found |
High |
Find the missing configuration file and make sure the file path is correct. The application may not work properly until it is resolved. |
|
Docker container failure due to the missing variable of the environment |
Critical |
Check the configuration of the container and ensure that the required variables of the environment are set. The application or service that depends on this container may not work. |
More than LLMS: Enter AI agent
It's solid, but it can use a little energy to tee the comparison table. While Bash has served as a reliable workhorse for system automation, and LLMs offer a huge jump in interpreting infrastructure data such as logs, they both operate within well-defined boundaries. The bash is determinist and fast, while LLMs are contextual and flexible-but still rely on signals that are triggered by man. Here Ai agents Come in.
Agents go to one step yet – they not only respond to signals, they designed act on goalsUse tools, make decisions, and even loop by retries or increased autonomy issues. Imagine a system that not only summarizes errors but reads logs, links events, check service health, and open a Jira ticket – all without lifting one finger.
Bash vs llms vs ai agents
Here's a quick comparison to i -highlight how these methods are different:
|
Feature / ability |
Bash |
Llm |
AI agent |
|---|---|---|---|
|
Implementation of the task |
Single -purpose scripts |
One-off summary or reasoning |
Multi-step, goal-driven flows |
|
Error detection |
GRep/Filter with keywords |
Understand and summarize contextual errors |
Spies, interprets, and responded to follow-up actions |
|
Output format |
Raw text or structured output |
Summary read by the person / structured response |
Can return summaries, alerts, logs, or take real-time actions |
|
Context health |
❌ No. |
✅ some (within immediate length) |
✅✅ Maintains memory, it can repeat in inputs |
|
Decision making |
❌ logic to be hardcoded |
⚠️ Limited (only within instructions) |
✅ Yes – Can reason and select tools based on needs |
|
Autonomy |
❌ Manu -No Invocation |
❌ Need a Person Prompt |
✅ can work with high -level goals, re -prepare, rise |
|
Using tool |
CLI utility |
API or local recognition only |
Combines tools such as system checks, logs, alerts, api |
|
Flexibility |
❌ static |
⚠️ Prompt-depend |
✅ Learned and Adapts within Session or Flow |
|
Complexity of Code |
✅ Simple (but verb over time) |
✅ Simple (some lines with prompt) |
⚠️ More complicated (requires orchestra logic) |
|
Best for |
Simple, repeated -tasks |
Interpretation, summarizing, classifying |
Complex infra automation, real-time monitoring, remediation |
We are in the interesting -friendly crossroads when it comes to automation. Bash is still go-to for fast, repeated tasks-and probably always will be. But with LLMs and agents walking, there is a new way to approach problems that request more context, flexibility, or even decision making. It's not about changing a bash, but about using the right tool for work-whether it's a script, a prompt, or a completely autonomous agent. As these technologies grow older, I find myself less thinking like a scripter and more like a system architect – connecting tools, shaping workflows, and designing for flexibility.
