← 返回 Skills 市场
kikikari

Log Collector

作者 KikiKari · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ⚠ suspicious
66
总下载
0
收藏
1
当前安装
1
版本数
在 OpenClaw 中安装
/install log-collector
功能描述
Permanent log collection agent. Collects logs and history from all nodes via SSH/VPN every 3 hours. Stores in logs.db with 30-day retention. Multi-node capab...
使用说明 (SKILL.md)

Log Collector Sub-Agent

Permanenter Log-Sammel-Agent für alle Nodes im Cluster.

Aufgaben

Intervall Aufgabe Details
3 Stunden Node-Abfrage SSH über VPN zu allen Nodes
3 Stunden Log-Collection System-Logs, OpenClaw-Logs, VPN-Status
3 Stunden Datenbank-Update Schreibt in logs.db
Täglich Retention-Cleanup Löscht Logs > 30 Tage

Multi-Node Support

Node Verbindung Priorität
Node 1 (Gateway) Lokal Primär (Sammel-Node)
Node 2 (Netcup) SSH → 10.10.0.2 Abfrage-Ziel
Node 3 (xNetX) SSH → 10.10.0.3 Abfrage-Ziel
Node 4+ SSH → 10.10.0.X Variable Erreichbarkeit

VPN-Priorität

1. Tailscale (primär) → schneller, stabil
2. WireGuard (fallback) → zuverlässiger Tunnel
3. SSH WAN (letzter Fallback) → langsamster

Datenbank: logs.db

Tabellen

Tabelle Inhalt
nodes Bekannte Nodes mit VPN-IP, SSH-Keys
logs Gesammelte Logs (max. 30 Tage)
ssh_connections Verbindungs-Log (Erfolg/Fehler)
vpn_status Tailscale/WireGuard Status
collection_runs Abfrage-Tracking pro Durchlauf
node_logs_raw Roh-Logs unverarbeitet

Retention

-- Automatisch: Logs > 30 Tage löschen
DELETE FROM logs WHERE retention_until \x3C datetime('now');

Abfrage-Workflow

# Für jeden Node in nodes-Tabelle:
for node in nodes:
    # 1. VPN-Status prüfen
    vpn_status = check_vpn(node.tailscale_ip) or \
                 check_vpn(node.wireguard_ip)
    
    # 2. SSH-Verbindung versuchen
    if ssh_connect(node.ssh_key_path, node.vpn_ip):
        # 3. Logs abholen
        logs = ssh_exec('journalctl -n 1000')
        
        # 4. In logs.db speichern
        insert_logs(node.node_id, logs)
    else:
        # 5. Fehler loggen
        insert_ssh_error(node.node_id, "Connection failed")

Variable Erreichbarkeit

Szenario Verhalten
Node immer erreichbar Normale Abfrage, vollständige Logs
Node manchmal erreichbar Best-effort, sammelt wenn möglich
Node nie erreichbar Wird trotzdem versucht, Fehler geloggt
Gateway offline Lokale Buffer, später Übertragung

Berechtigungen

exec: read_write_ssh
nodes: query_all
logs: collect_store
retention: cleanup_30d

Konfiguration

{
  "log-collector": {
    "enabled": true,
    "collection_interval_hours": 3,
    "retention_days": 30,
    "nodes": [
      {"id": "node1", "local": true},
      {"id": "node2", "ssh_key": "~/.ssh/node2_key"},
      {"id": "node3", "ssh_key": "~/.ssh/node3_key"},
      {"id": "node4", "ssh_key": "~/.ssh/node4_key", "optional": true}
    ],
    "vpn_priority": ["tailscale", "wireguard", "wan"]
  }
}

Scripts

Script Zweck
log_collector.py Haupt-Collection-Logik
ssh_connector.py SSH-Verbindungen mit Fallback
vpn_checker.py VPN-Status-Prüfung
retention_cleanup.py 30-Tage Cleanup

Logs

logs/log-collector/
├── 2026-04-18.log
├── collection-errors.log
└── run-summary.json

Installation

# Skill installieren
clawhub install log-collector

# Cron aktivieren (alle 3 Stunden)
0 */3 * * * /usr/bin/python3 /home/openclaw/.openclaw/workspace/skills/log-collector/scripts/log_collector.py

Troubleshooting

Problem: SSH-Verbindung fehlgeschlagen

Prüfung:

# VPN erreichbar?
ping 10.10.0.2

# SSH-Key korrekt?
ssh -i ~/.ssh/node2_key [email protected]

Problem: Logs nicht in Datenbank

Prüfung:

# logs.db existiert?
ls -la db/logs.db

# Fehler-Log
tail logs/log-collector/collection-errors.log

Integration

  • db-maintainer: Separate DB, gleiche Backup-Strategie
  • workspace-db: Dokumentations-Index (separat)
  • tree.db v2: Datei-Tracking (separat)

Hinweis: Konfiguration (SSH-Keys, IPs) nicht im Skill - muss in env/db konfiguriert werden.

安全使用建议
This skill mostly does what it says (SSH/VPN log collection) but several red flags mean you should not install it blindly: 1) The script depends on system binaries (ssh, ping, journalctl, tail) and filesystem write access to /home/openclaw/.openclaw/workspace but the skill declares none of these — verify those tools exist and the skill will run under an account with the correct, limited permissions. 2) SKILL.md references helper scripts that are missing; confirm expected files and DB schema (logs.db.schema.sql) are present before use. 3) The code ignores ssh_key entries from its configuration and uses 'StrictHostKeyChecking=no' — this accepts host keys automatically (MITM risk) and means the collector may use unanticipated SSH keys/agents; fix the code to explicitly use configured keys (-i) and enforce host key checking if you plan to use it. 4) The collector will fetch remote ~/.openclaw/logs and system logs that can contain secrets; ensure you trust the nodes and have appropriate retention and encryption for logs.db. 5) Test in an isolated/staging environment, review and possibly harden the script (honor ssh_key fields, validate inputs, constrain what files/commands are collected), and confirm where the nodes list and SSH credentials are stored and who can access them. If you cannot validate the origin or fix the issues above, avoid installing it on production systems.
功能分析
Type: OpenClaw Skill Name: log-collector Version: 1.0.0 The skill is designed for automated log collection across multiple network nodes via SSH and VPN. While its behavior aligns with the stated purpose, it possesses high-risk capabilities including the execution of remote commands via subprocess calls and the management of SSH keys (scripts/log_collector.py). It also explicitly disables 'StrictHostKeyChecking', which introduces a vulnerability to Man-in-the-Middle (MITM) attacks, and requires broad 'read_write_ssh' permissions as noted in SKILL.md.
能力评估
Purpose & Capability
The skill's stated purpose (collect logs over SSH/VPN) aligns with the code: the included script pings nodes, runs ssh to gather journalctl/syslog and stores results in a local DB. However metadata omissions are problematic: the skill declares no required binaries or credentials even though the script relies on system tools (ssh, ping, journalctl, tail) and filesystem write access to /home/openclaw/.openclaw/workspace. The package.json marks the skill as a daemon, but there is no install spec to create/enable a daemon. These mismatches are disproportionate to the described purpose.
Instruction Scope
SKILL.md instructs the agent to run the Python script periodically (cron) and references helper scripts (ssh_connector.py, vpn_checker.py, retention_cleanup.py) that are not present in the file manifest — only log_collector.py exists. The runtime instructions and code will: read a nodes table from the workspace DB, attempt SSH to arbitrary VPN IPs, and copy potentially sensitive logs (~/.openclaw/logs/*, system logs). The script uses 'StrictHostKeyChecking=no' (accepts host keys automatically) and does not actually honor the SSH-key paths shown in SKILL.md/config (the code never passes -i or uses node['ssh_key']), which is an inconsistency and a security risk (MITM and lack of explicit key control). SKILL.md also says configuration (SSH keys, IPs) is not in the skill and 'must be in env/db' — relying on an external DB for node config increases blast radius if that DB is misconfigured or accessible.
Install Mechanism
There is no install spec (instruction-only), which minimizes supply-chain risk from downloads. However package.json indicates openclaw.daemon: true while SKILL.md suggests manual cron setup; this inconsistency is a packaging/convention issue rather than an immediate code-supply risk. Because files are included, installing will place scripts on disk and the SKILL.md recommends adding a cron entry — that gives the skill persistent execution if the administrator follows instructions.
Credentials
The skill requests no environment variables or declared credentials, yet it requires network access to remote nodes and filesystem read/write under /home/openclaw/.openclaw/workspace (DB, logs, schema). The nodes configuration (including SSH key paths) is expected to be stored outside the skill; the script, however, ignores the declared ssh_key fields and relies on the system's SSH defaults, which is inconsistent and surprising. The skill will collect arbitrary logs from remote machines (which may contain secrets) and store them locally — this capability is powerful and should have explicit, proportional credential/config declarations and guidance, which are missing.
Persistence & Privilege
The skill is not marked always:true and model invocation is allowed (default). The SKILL.md instructs adding a cron entry to run every 3 hours, creating persistent scheduled execution if an operator follows it. package.json's daemon:true suggests it was designed to run persistently, but the package lacks an automated install that would register a daemon. This is not necessarily malicious, but combined with the other concerns it increases the attack surface if installed and scheduled.
如何使用
  1. 确保已安装 OpenClaw(本地或 Docker 部署)
  2. 在对话框中输入安装命令:/install log-collector
  3. 安装完成后,直接呼叫该 Skill 的名称或使用 /log-collector 触发
  4. 根据 Skill 的参数说明提供必要输入,即可获得结构化输出
版本历史
v1.0.0
Initial release of log-collector—permanent log collection agent for multi-node clusters. - Collects system and custom logs from all nodes every 3 hours via SSH/VPN; stores in logs.db with 30-day retention. - Supports multi-node clusters with prioritized VPN fallback (Tailscale > WireGuard > WAN-SSH). - Handles nodes with variable reachability using best-effort and error logging. - Includes automated daily cleanup of expired logs and buffer transfer if gateway is offline. - Configuration is externalized; skill provides detailed documentation, installation, and troubleshooting guidance.
元数据
Slug log-collector
版本 1.0.0
许可证 MIT-0
累计安装 1
当前安装数 1
历史版本数 1
常见问题

Log Collector 是什么?

Permanent log collection agent. Collects logs and history from all nodes via SSH/VPN every 3 hours. Stores in logs.db with 30-day retention. Multi-node capab... 它是一个面向 Claude Code / OpenClaw 的 AI Agent Skill 插件,目前累计下载 66 次。

如何安装 Log Collector?

在 OpenClaw 或 Claude Code 对话框中运行命令「/install log-collector」即可一键安装,无需额外配置。

Log Collector 是免费的吗?

是的,Log Collector 完全免费,采用 MIT-0 许可证,可自由下载、安装和使用。

Log Collector 支持哪些平台?

Log Collector 跨平台运行,可在任意部署了 OpenClaw / Claude Code 的环境中使用(cross-platform)。

谁开发了 Log Collector?

由 KikiKari(@kikikari)开发并维护,当前版本 v1.0.0。

推荐 Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 留言讨论