Stats
Actions
Tags
From cortex
Run a comprehensive cortex health check covering environment, config quality, storage, ports, service status, HTTP health, MCP actions, listener reachability, Docker ingest, and fleet rsyslog forwarding. Use when the user asks for syslog doctor, deployment diagnostics, first-run preflight, health check, sanity check, or broad deployment verification.
How this skill is triggered — by the user, by Claude, or both
Slash command
/cortex:cortex-drThe summary Claude sees in its skill listing — used to decide when to auto-load this skill
Run a full PASS / WARN / FAIL diagnostic for cortex. Use this when the user needs broad deployment confidence rather than a narrow log query.
Run a full PASS / WARN / FAIL diagnostic for cortex. Use this when the user needs broad deployment confidence rather than a narrow log query.
Display resolved plugin config, excluding sensitive token values:
Gather host context:
uname -srmsystemd-detect-virtCheck prerequisites for server mode:
command -v docker, docker version --format {{.Server.Version}}, docker compose versionCheck storage and permissions for $CLAUDE_PLUGIN_OPTION_DATA_DIR:
max_db_size_mb * 1.2, or at least 2048 MB when max DB size is disabledCheck auth mode and token quality without printing token values:
$CLAUDE_PLUGIN_OPTION_NO_AUTH is true, record WARN (auth disabled by plugin config) and do not fail an empty token.your-secret-token, changeme, test, placeholder, secret, token, password, abc123, default.Check ports:
Check service state:
docker compose logs cortex --tail 30 --no-color when not running.Check HTTP and MCP:
curl -sS -m 3 "$CLAUDE_PLUGIN_OPTION_SERVER_URL/health"; expect status ok.stats, hosts, and tail n=1; report totals, host count, write_blocked, DB size, free disk, and most recent timestamp. If the MCP tool fails, record the error and continue with HTTP-only evidence.Check runtime freshness in server mode:
${CLAUDE_PLUGIN_ROOT}/scripts/check-runtime-current.sh.CURRENT:.STALE: or FAIL: and include the printed fix: line when present.cortex-version-check --pull when the user specifically wants to pull first and detect a stale registry tag.Check listener reachability:
$CLAUDE_PLUGIN_OPTION_SERVER_URL.nc -z -w2 <host> "${CLAUDE_PLUGIN_OPTION_SYSLOG_HOST_PORT:-$CLAUDE_PLUGIN_OPTION_SYSLOG_PORT}"curl -sS -o /dev/null -w "%{http_code}" -m 3 "$CLAUDE_PLUGIN_OPTION_SERVER_URL/mcp".
NO_AUTH=true or no bearer/OAuth auth configured), 200 or MCP protocol-level 400/405 is acceptable as route evidence; do not flag open access as a failure because it matches configuration.401 for an unauthenticated request.404 means the route is wrong or another service owns the port.Check optional Docker ingest hosts:
$CLAUDE_PLUGIN_OPTION_FLEET_HOSTS, curl -sf -m 3 http://<host>:2375/_ping; expect OK.Check fleet rsyslog forwarding in server mode when $CLAUDE_PLUGIN_OPTION_FLEET_HOSTS is non-empty:
hosts output with last_seen within 30 minutes (low-volume hosts that send infrequently may legitimately fail a stricter threshold — use WARN rather than FAIL when last_seen is between 30 minutes and retention window)Produce one results table:
| Check | Status | Detail |
|---|---|---|
| Env: kernel | INFO | value |
| Storage: writable | PASS/WARN/FAIL | detail |
| Service: state | PASS/WARN/FAIL | detail |
| Runtime: freshness | PASS/FAIL | CURRENT or stale/fail detail |
| MCP: stats | PASS/FAIL | totals or error |
| Fleet host | PASS/FAIL | detail |
If service-state checks failed, include a ## Service Logs section with the captured logs.
End with one verdict:
All checks passedReady with warnings<N> checks failedFor each warning or failure, include a concrete next step. Add a footer that deep functional validation is bash scripts/smoke-test.sh.
npx claudepluginhub jmagar/dendrite --plugin cortexCreates, edits, and optimizes skills for Claude Code, including drafting, evaluating with test prompts, iterating on performance, and improving skill descriptions for better triggering accuracy.