A syslog receiver built in Rust that ingests UDP and TCP logs into SQLite with FTS5 full-text indexing, then exposes 40+ MCP actions for homelab observability. The `cortex` tool surfaces search, filter, tail, errors, hosts, timeline, patterns, anomalies, and correlation queries, plus specialized actions for AI transcript abuse detection, Docker Compose diagnostics, and incident triage. Supports both streamable HTTP and stdio transports. Designed for Claude-driven log analysis in homelab environments where you want structured intelligence over raw syslog streams without standing up a full ELK stack. Ships with six infrastructure prompts for incident triage, host health checks, and security review workflows.
```bash
claude mcp add --transport stdio jmagar-syslog-mcp uvx syslog-mcp
```