syslog-drlisted

# Syslog Doctor Run a full PASS / WARN / FAIL diagnostic for syslog-mcp. Use this when the user needs broad deployment confidence rather than a narrow log query. ## Workflow 1. Display resolved plugin config, excluding sensitive token values: - server/client mode - server URL - syslog bind and MCP bind - data dir - retention and storage limits - Docker ingest status and fleet hosts 2. Gather host context: - `uname -srm` - `systemd-detect-virt` 3. Check prerequisites for server mode: - `command -v docker`, `docker version --format {{.Server.Version}}`, `docker compose version` 4. Check storage and permissions for `$CLAUDE_PLUGIN_OPTION_DATA_DIR`: - directory exists - writable by the service user - free space is at least `max_db_size_mb * 1.2`, or at least 2048 MB when max DB size is disabled 5. Check auth mode and token quality without printing token values: - If `$CLAUDE_PLUGIN_OPTION_NO_AUTH` is true, record `WARN (auth disabled by plugin config)` and do not fail an empty token. - If OAuth mode is configured, verify OAuth config presence and skip bearer-token strength checks unless a bearer fallback token is also configured. - In bearer mode with auth enabled, empty token is FAIL. - In bearer mode with auth enabled, length under 24 characters is WARN. - Known weak placeholders are FAIL: `your-secret-token`, `changeme`, `test`, `placeholder`, `secret`, `token`, `password`, `abc123`, `default`. - Otherwise PASS. 6.