一键在 Manus 中运行任何 Skill

cortex-deploy-dropins

星标1

分支2

更新时间2026年6月4日 06:25

Deploy rsyslog forwarding drop-ins to configured fleet hosts over SSH. Use when configuring fleet forwarding, repairing missing rsyslog forwarding, or updating forwarding after server_url or syslog port changes.

安装

用 Codex 或 Claude 帮你安装复制这段 Prompt，粘贴到 Codex、Claude 或其他助手里，让它检查 Skill 页面并帮你完成安装。

在 Manus 中运行

来源

jmagar

jmagar/cortex

打开 GitHub 仓库查看创作者相关仓库

下载

在 Manus 中运行

Cortex Deploy Drop-ins

Install or update /etc/rsyslog.d/99-cortex.conf on each configured fleet host.

Preconditions

Verify before changing hosts:

SSH aliases from fleet_hosts work without prompting.
Sudo can write rsyslog config and restart rsyslog.
Each fleet host can route to the cortex server on the externally reachable syslog port.

Skip devices that cannot be configured through SSH and rsyslog, such as UniFi, Mikrotik, ISP routers, or hosts running syslog-ng or other non-rsyslog forwarders. Point the user to docs/SETUP.md for those.

Resolve Target

Parse the host portion from $CLAUDE_PLUGIN_OPTION_SERVER_URL. If it is localhost or 127.0.0.1, stop and ask for a routable hostname or IP because fleet hosts cannot forward to localhost.

Call the resolved value FORWARD_TARGET.

Resolve the externally reachable port as:

FORWARD_PORT="${CLAUDE_PLUGIN_OPTION_SYSLOG_HOST_PORT:-${CLAUDE_PLUGIN_OPTION_SYSLOG_PORT:-1514}}"

Use CLAUDE_PLUGIN_OPTION_SYSLOG_HOST_PORT when Docker publishes a host port that differs from the container's internal syslog port. The endpoint is FORWARD_TARGET:FORWARD_PORT.

Drop-in

Write this file on each host, using the resolved target and port:

# Avoid feeding cortex/rsyslog internal logs back into cortex.
if ($programname == "syslog" or $programname == "rsyslogd") then stop
*.* @@<FORWARD_TARGET>:<FORWARD_PORT>

Use @@ for TCP. Use single @ only when a host cannot send TCP.

Deployment Loop

For each host in $CLAUDE_PLUGIN_OPTION_FLEET_HOSTS (split comma-separated or newline-rendered values and ignore blanks):

Test SSH:
```
ssh -o BatchMode=yes -o ConnectTimeout=5 <host> true
```
On SSH failure: skip this host, mark it as FAILED (SSH unreachable) in the report, and continue to the next host.

Build and write the drop-in. Do not run an example that contains literal FORWARD_TARGET or CORTEX_RECEIVER_PORT placeholders:

target_line="*.* @@${FORWARD_TARGET}:${FORWARD_PORT}"
dropin_content="$(printf '%s\n' \
  '# Avoid feeding cortex/rsyslog internal logs back into cortex.' \
  'if ($programname == "syslog" or $programname == "rsyslogd") then stop' \
  "$target_line")"
printf '%s\n' "$dropin_content" | ssh <host> "sudo tee /etc/rsyslog.d/99-cortex.conf >/dev/null"

Restart rsyslog:

ssh <host> "sudo systemctl restart rsyslog"

Verify rsyslog:

ssh <host> "systemctl is-active rsyslog"

Report

Print a table:

Host	Drop-in Deployed	rsyslog Restarted	Status
host	yes/no	yes/no	active/failed

Tell the user to run cortex-dr after a few seconds to confirm log flow, or bash scripts/smoke-test.sh for full validation.

同仓库更多 Skills

同仓库

cortex-report

jmagar/cortex

This skill should be used when the user asks for a homelab health report, syslog summary, fleet status report, log analysis summary, 'what happened in the last 24 hours', 'show me this week's errors', 'summarize recent activity', or any time-bounded log analysis that should produce a written markdown report.

2026-06-161

cortex

jmagar/cortex

This skill should be used when the user asks to "search logs", "check errors", "tail logs", "show recent logs", "find log entries", "correlate events", "list hosts", "log stats", "syslog", "check homelab logs", or mentions system logs, syslog, log analysis, or log intelligence across homelab hosts.

2026-06-161

cortex-redeploy

jmagar/cortex

Re-run the cortex plugin setup hook with the current userConfig and verify the Docker Compose deployment. Use when the user asks to redeploy cortex, apply plugin config changes immediately, rerun the setup hook, refresh the Docker deployment, or recover after an automated SessionStart/ConfigChange hook did not run.

2026-06-101

cortex-dr

jmagar/cortex

Run a comprehensive cortex health check covering environment, config quality, storage, ports, service status, HTTP health, MCP actions, listener reachability, Docker ingest, and fleet rsyslog forwarding. Use when the user asks for syslog doctor, deployment diagnostics, first-run preflight, health check, sanity check, or broad deployment verification.

2026-06-041

cortex-frustration-assessment

jmagar/cortex

This skill should be used after running cortex action=abuse_investigate to analyze the resulting evidence bundle. Use when the user asks to assess frustration incidents, evaluate abuse signals, analyze agent or user friction, produce a frustration report, or follow up on abuse_investigate results.

2026-06-041

cortex-logs

jmagar/cortex

Tail or follow cortex service logs from Docker Compose. Use when the user asks for cortex service logs, startup logs, crash logs, plugin deployment logs, Docker logs, or follow mode. This is for the service's stdout/stderr, not client syslog entries.

2026-06-041

name	cortex-deploy-dropins
description	Deploy rsyslog forwarding drop-ins to configured fleet hosts over SSH. Use when configuring fleet forwarding, repairing missing rsyslog forwarding, or updating forwarding after server_url or syslog port changes.

Cortex Deploy Drop-ins

Install or update /etc/rsyslog.d/99-cortex.conf on each configured fleet host.

Preconditions

Verify before changing hosts:

SSH aliases from fleet_hosts work without prompting.
Sudo can write rsyslog config and restart rsyslog.
Each fleet host can route to the cortex server on the externally reachable syslog port.

Resolve Target

Parse the host portion from $CLAUDE_PLUGIN_OPTION_SERVER_URL. If it is localhost or 127.0.0.1, stop and ask for a routable hostname or IP because fleet hosts cannot forward to localhost.

Call the resolved value FORWARD_TARGET.

Resolve the externally reachable port as:

FORWARD_PORT="${CLAUDE_PLUGIN_OPTION_SYSLOG_HOST_PORT:-${CLAUDE_PLUGIN_OPTION_SYSLOG_PORT:-1514}}"

Use CLAUDE_PLUGIN_OPTION_SYSLOG_HOST_PORT when Docker publishes a host port that differs from the container's internal syslog port. The endpoint is FORWARD_TARGET:FORWARD_PORT.

Drop-in

Write this file on each host, using the resolved target and port:

# Avoid feeding cortex/rsyslog internal logs back into cortex.
if ($programname == "syslog" or $programname == "rsyslogd") then stop
*.* @@<FORWARD_TARGET>:<FORWARD_PORT>

Use @@ for TCP. Use single @ only when a host cannot send TCP.

Deployment Loop

For each host in $CLAUDE_PLUGIN_OPTION_FLEET_HOSTS (split comma-separated or newline-rendered values and ignore blanks):

Test SSH:
```
ssh -o BatchMode=yes -o ConnectTimeout=5 <host> true
```
On SSH failure: skip this host, mark it as FAILED (SSH unreachable) in the report, and continue to the next host.

Build and write the drop-in. Do not run an example that contains literal FORWARD_TARGET or CORTEX_RECEIVER_PORT placeholders:

target_line="*.* @@${FORWARD_TARGET}:${FORWARD_PORT}"
dropin_content="$(printf '%s\n' \
  '# Avoid feeding cortex/rsyslog internal logs back into cortex.' \
  'if ($programname == "syslog" or $programname == "rsyslogd") then stop' \
  "$target_line")"
printf '%s\n' "$dropin_content" | ssh <host> "sudo tee /etc/rsyslog.d/99-cortex.conf >/dev/null"

Restart rsyslog:

ssh <host> "sudo systemctl restart rsyslog"

Verify rsyslog:

ssh <host> "systemctl is-active rsyslog"

Report

Print a table:

Host	Drop-in Deployed	rsyslog Restarted	Status
host	yes/no	yes/no	active/failed

Tell the user to run cortex-dr after a few seconds to confirm log flow, or bash scripts/smoke-test.sh for full validation.