pranavj17

Graylog Log Search

Author: Pranav Jagadish · GitHub ↗ · v1.0.3 · MIT-0
cross-platform ✓ Security check passed
Total downloads: 122
Favorites: 0
Current installs: 0
Versions: 1
Install in OpenClaw
/install graylog-log-search
Description
Search and debug production logs via Graylog - absolute/relative time queries, stream filtering, system health checks
Usage instructions (SKILL.md)

Graylog Log Search Skill

Search Graylog logs directly from your AI agent for production debugging. Query by absolute or relative timestamps, filter by application streams, and check system health.

Quick Start

Install

npm install -g mcp-server-graylog@<version>

Configure

Add to your OpenClaw or Claude Desktop MCP configuration:

{
  "mcpServers": {
    "graylog": {
      "command": "npx",
      "args": ["-y", "mcp-server-graylog@<version>"],
      "env": {
        "BASE_URL": "https://your-graylog-instance.example.com",
        "API_TOKEN": "your_graylog_api_token"
      }
    }
  }
}

To get your API token: Graylog Web UI > System > Users > Edit your user > Tokens > Create Token.

Verify

echo '{"jsonrpc":"2.0","id":1,"method":"initialize","params":{"protocolVersion":"2024-11-05","capabilities":{},"clientInfo":{"name":"test","version":"1.0.0"}}}' | BASE_URL=https://your-graylog.example.com API_TOKEN=your_token npx mcp-server-graylog@<version>

You should see a JSON response with protocolVersion and capabilities.

Overview

This skill provides 4 MCP tools for searching and monitoring Graylog:

| Tool | Description |
| --- | --- |
| search_logs_absolute | Search logs between specific timestamps (ISO 8601) |
| search_logs_relative | Search recent logs (last N seconds, default: 15 min) |
| list_streams | Discover available application streams and their IDs |
| get_system_info | Check Graylog version, health, and processing status |

Core Tasks

  • "Search for ERROR logs in the last 15 minutes"
  • "Find all 500 errors from the payment service between 2pm and 3pm today"
  • "List available Graylog streams so I can filter by application"
  • "Check if Graylog is healthy and processing logs"
  • "Search for timeout errors in the API stream from the last hour"

Environment Variable Contract

| Variable | Required | Description |
| --- | --- | --- |
| BASE_URL | Yes | Full URL to your Graylog instance (e.g., https://graylog.example.com) |
| API_TOKEN | Yes | Graylog API token for authentication (Basic Auth) |

Query Syntax

Uses Elasticsearch query syntax:

  • level:ERROR - Filter by log level
  • source:api-server - Filter by source
  • "connection timeout" - Exact phrase match
  • status:>=500 - Numeric range
  • message:*exception* - Wildcard match
  • level:ERROR AND source:payment - Boolean operators

Security & Guardrails

  • Read-only access: No write operations to Graylog - only searches and listing
  • Credential isolation: API token stored in environment variables, never in code or logs
  • Request timeout: 30-second timeout prevents hanging requests
  • Result limits: Queries capped at 1000 messages maximum, 50 by default
  • Input validation: All parameters validated before API calls (query, timestamps, stream IDs, limits)
  • Error sanitization: Error messages never expose API tokens or sensitive internal details
  • Time range bounds: Relative searches limited to 24 hours maximum
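
The input-validation, result-limit, time-range and error-sanitization guardrails listed above, sketched as an added example (this is not code from the mcp-server-graylog package). The function names, the stream-ID pattern and the "<token>:token" Basic-auth form are assumptions; the numeric bounds are the ones stated on this page.

```javascript
// Added example, not code from mcp-server-graylog. Function names and the
// stream-ID pattern are assumptions; the numeric bounds are the page's.
const DEFAULT_LIMIT = 50;            // "50 by default"
const MAX_LIMIT = 1000;              // "capped at 1000 messages maximum"
const DEFAULT_RANGE_S = 15 * 60;     // relative search default: 15 min
const MAX_RANGE_S = 24 * 60 * 60;    // "limited to 24 hours maximum"
const STREAM_ID = /^[0-9a-f]{24}$/i; // assumption: 24-character hex IDs

function validateRelativeSearch({ query, range = DEFAULT_RANGE_S,
                                  limit = DEFAULT_LIMIT, streamId } = {}) {
  if (typeof query !== "string" || query.trim() === "") {
    throw new Error("Invalid query: expected a non-empty string");
  }
  // Out-of-bounds ranges are rejected rather than silently widened or cut.
  if (!Number.isInteger(range) || range < 1 || range > MAX_RANGE_S) {
    throw new Error(`Invalid range: expected 1..${MAX_RANGE_S} seconds`);
  }
  if (!Number.isInteger(limit) || limit < 1) {
    throw new Error("Invalid limit: expected a positive integer");
  }
  // Reject anything that is not ID-shaped before it reaches a URL or filter.
  if (streamId !== undefined && !STREAM_ID.test(String(streamId))) {
    throw new Error("Invalid stream ID");
  }
  // Oversized limits are clamped to the cap (a choice made in this example).
  return { query: query.trim(), range, limit: Math.min(limit, MAX_LIMIT), streamId };
}

// Redact the token and its Basic-auth encoding from text that may reach the
// model or a log. Assumes the header is built from "<token>:token".
function sanitizeError(message, apiToken) {
  if (!apiToken) return String(message);
  const basic = Buffer.from(`${apiToken}:token`).toString("base64");
  return [apiToken, basic].reduce(
    (text, secret) => text.split(secret).join("[REDACTED]"), String(message));
}

// Constructed sample values, not real credentials or log data.
const token = "constructed-token-0001";
const header = Buffer.from(`${token}:token`).toString("base64");
console.log(validateRelativeSearch({ query: " level:ERROR ", limit: 5000 }));
console.log(sanitizeError(`401 from /api (Authorization: Basic ${header})`, token));
```

Redacting the base64 form matters because HTTP client errors often echo request headers, where the raw token string never appears.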

Troubleshooting

| Error | Solution |
| --- | --- |
| "Missing environment variables" | Set BASE_URL and API_TOKEN in your MCP config |
| "Authentication failed" | Verify your API token is valid in Graylog UI |
| "Cannot reach Graylog" | Check BASE_URL and network/VPN connectivity |
| "Invalid query" | Check Elasticsearch query syntax |
| "Endpoint not found" | Verify BASE_URL includes the correct Graylog URL (no trailing /api) |

Release Notes

v1.0.3 (2026-04-08)

  • Extracted shared helpers for testable imports
  • Fixed credential leak in git history
  • 54 tests passing, all MCP protocol verified

v1.0.0 (2025-10-23)

  • First stable release with 4 tools
  • Fixed 5 critical bugs from initial implementation
  • Comprehensive test suite and documentation

Publisher

@Pranavj17

Security usage recommendations
This skill appears to be what it claims (Graylog search) but it relies on an external npm package that is not included in the registry. Before installing or running it: (1) inspect the mcp-server-graylog@<version> package source (GitHub/npm) to ensure it’s trustworthy; (2) prefer installing packages locally under controlled accounts rather than running npx with production credentials; (3) use a least-privilege Graylog API token (short-lived or limited-scope service account) and avoid exposing tokens in shared logs/CI; (4) pin versions and review release notes/releases for the npm package; (5) consider running the connector in an isolated environment (sandbox/VPC) and monitoring its network activity. If you cannot review the external npm package, treat this integration as higher risk.
Capability tags
crypto · can-make-purchases
Capability assessment
Purpose & Capability
Name, description, and required env vars (BASE_URL, API_TOKEN) align with a Graylog search/monitoring skill; nothing requested is obviously unrelated to log searching.
Instruction Scope
SKILL.md stays within log-search and monitoring tasks and does not request unrelated files or secrets, but it instructs the agent/operator to install/run an external MCP server (mcp-server-graylog) via npm/npx which will execute code outside the skill bundle.
Install Mechanism
The registry package contains no code and the README directs users to npm/npx (mcp-server-graylog@<version>). That means runtime code will be fetched and executed from the public npm registry (moderate risk); the registry did not include or vet that package content.
Credentials
Only BASE_URL and API_TOKEN are required, which are appropriate and proportional for connecting to a Graylog instance; primary credential is API_TOKEN as declared.
Persistence & Privilege
Skill is not always-enabled and does not request modifying global agent settings; no persistence or elevated privileges are requested by the skill manifest.
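How to use
  1. Make sure OpenClaw is installed (locally or via Docker)
  2. Enter the install command in the chat box: /install graylog-log-search
  3. Once installation completes, invoke the Skill by name or trigger it with /graylog-log-search
  4. Provide the required inputs according to the Skill's parameter documentation to get structured output
Version history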
v1.0.3
  • Extracted shared helpers to enable better testability
  • Fixed credential leak in code history
  • All MCP protocol tests passing (54 tests)
  • Enhanced documentation and troubleshooting sections
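Metadata
Slug: graylog-log-search
Version: 1.0.3
License: MIT-0
Cumulative installs: 0
Current installs: 0
Historical versions: 1
FAQ

What is Graylog Log Search?

Search and debug production logs via Graylog - absolute/relative time queries, stream filtering, system health checks. It is an AI Agent Skill plugin for Claude Code / OpenClaw, with 122 total downloads to date.

How do I install Graylog Log Search?

Run the command "/install graylog-log-search" in the OpenClaw or Claude Code chat box for one-click installation; no additional configuration is required.

Is Graylog Log Search free?

Yes. Graylog Log Search is completely free under the MIT-0 license and can be freely downloaded, installed, and used.

Which platforms does Graylog Log Search support?

Graylog Log Search runs cross-platform and can be used in any environment where OpenClaw / Claude Code is deployed (cross-platform).

Who developed Graylog Log Search?

Developed and maintained by Pranav Jagadish (@pranavj17); the current version is v1.0.3.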
