Official Verified

Security Log Analyzer

Skill by 43622283

skill-install — Terminal

Install via CLI (Recommended)

clawhub install openclaw/skills/skills/43622283/security-log-analyzer

Download Source Code (.zip)

安全事件日志调查助手

功能说明

基于 LLM 的安全事件日志分析工具，支持简要分析和详细分析两种模式。

安装

cd /root/.openclaw/skills/security-log-analyzer
pip install -r requirements.txt
cp .env.example .env
# 编辑.env 文件，填写 API Key

配置

编辑 .env 文件：

SILICONFLOW_API_KEY=sk-your-api-key-here
SILICONFLOW_BASE_URL=https://api.siliconflow.cn/v1
SILICONFLOW_MODEL=Qwen/Qwen3-8B
API_RATE_LIMIT=2

使用方法

方式 1: 交互模式

cd /root/.openclaw/skills/security-log-analyzer
python src/analyzer.py

方式 2: 文件模式

python src/analyzer.py /path/to/log.txt brief   # 简要分析
python src/analyzer.py /path/to/log.txt detailed # 详细分析

分析模式

简要分析：快速提取关键信息（威胁等级、事件类型、建议行动）
详细分析：深度分析攻击链、IOC 指标、缓解建议

限流保护

默认请求间隔：2 秒
429 错误自动重试（等待 10 秒）
单条日志超过 4000 token 自动截断

示例日志

查看 examples/sample_logs/ 目录中的示例日志文件。

输出示例

## 事件概览
- 事件类型：SSH 暴力破解
- 威胁等级：中
- 时间范围：2026-04-22 20:00 - 21:30

## 关键发现
- 来自同一 IP 的 150+ 次失败登录尝试
- 目标账号：root, admin, ubuntu

## IOC 指标
- IP: 192.168.1.100

## 建议行动
1. 封禁源 IP
2. 启用 fail2ban
3. 配置 SSH 密钥认证

Read Full Documentation on GitHub

Metadata

Author@43622283

Stars4473

Updated2026-05-01

View Author Profile

AI Skill Finder

Not sure this is the right skill?

Describe what you want to build — we'll match you to the best skill from 16,000+ options.

Find the right skill

Add to Configuration

Paste this into your clawhub.json to enable this plugin.

{
  "plugins": {
    "official-43622283-security-log-analyzer": {
      "enabled": true,
      "auto_update": true
    }
  }
}

Safety NoteClawKit audits metadata but not runtime behavior. Use with caution.

Related Skills

li_itil_manager

ITIL 5 Manager - Elite IT Service Management Advisor specializing in ITSM, FinOps, and IT governance using ITIL 5 DPSM framework.

43622283 4473

Li Etl Handle Safe

Skill by 43622283

43622283 4473

Li Doc Answer

Skill by 43622283

43622283 4473

li-feishu-audio

飞书语音交互技能。支持语音消息自动识别、AI 处理、语音回复全流程。需要配置 FEISHU_APP_ID 和 FEISHU_APP_SECRET 环境变量。使用 faster-whisper 进行语音识别，Edge TTS 进行语音合成，自动转换 OPUS 格式并通过飞书发送。适用于飞书平台的语音对话场景。

43622283 4473

li_sentry_check

Multi-platform server inspection and health check skill. SSH into remote Linux servers using key-based authentication, run read-only inspection commands (CPU, memory, disk, network, services, security), and generate structured Markdown reports with anomaly highlighting. Use when the user asks to inspect servers, run health checks, check system metrics, perform 巡检/巡查, gather system status, or generate inspection reports. Compatible with nanobot, OpenClaw, and Hermes agent.

43622283 4473