Service Watchdog

v1.0.0

Monitors self-hosted services by checking HTTP endpoints, TCP ports, SSL expiry, and DNS resolution, then reports status and alerts in concise, chat-friendly...

⭐ 2· 636·2 current·2 all-time

by@mariusfit

Security Scan

VirusTotal

Suspicious

View report →

OpenClaw

Benign

medium confidence

✓

Purpose & Capability

Name/description match the implementation: the script performs HTTP, TCP, DNS, and SSL checks and produces summary, JSON, and report outputs. Declared dependencies (curl, openssl, nc/ncat or /dev/tcp, dig/nslookup/host, jq) align with the stated features.

✓

Instruction Scope

SKILL.md instructs the agent to run the included bash script against a user-created watchdog.json. The script reads only the config file and writes a local history CSV by default; it does not request unexplained system-wide reads or external accounts in the provided content. Behavior (cron usage, --json, --report, --ssl-only, --alerts-only) matches the documented feature set.

✓

Install Mechanism

No install spec — this is instruction-only with an included shell script. That reduces install-time risk; dependencies are standard system utilities. Nothing is downloaded or extracted at install time.

✓

Credentials

No required credentials or secret environment variables. Optional env vars (WATCHDOG_CONFIG, WATCHDOG_WORKSPACE) are reasonable and scoped to choosing config/workspace. The script writes a history file in the workspace (default watchdog-history.csv), which is expected for monitoring history.

ℹ

Persistence & Privilege

The skill is not always:true and does not request elevated privileges; it can run autonomously (platform default). It does persist local history to a CSV in the workspace and can be run from cron as recommended — users should be aware it will create/append files in whatever workspace it runs from.

Assessment

This skill appears coherent and limited to local monitoring, but before installing: 1) inspect the full watchdog.sh for any alerting/webhook blocks (the SKILL.md doesn't describe sending data to external endpoints; if the script contains webhook integrations, verify the endpoints and auth are ones you expect); 2) be aware it will create and append a history CSV in the workspace (set WATCHDOG_WORKSPACE or use --no-history if you don't want files written); 3) run it in a controlled environment (container or non-sensitive workspace) first to confirm behavior; 4) ensure only allowed hosts/domains are placed in watchdog.json to avoid scanning unintended targets; and 5) verify required utilities (curl, jq, openssl, nc/dig) are the versions you trust. If you want higher assurance, provide the full, untruncated watchdog.sh for a line-by-line audit.

Like a lobster shell, security has layers — review code before you run it.

devopsvk97dxds8p7vr6w1f8f98m2wxxn81r3t4homelabvk97dxds8p7vr6w1f8f98m2wxxn81r3t4infrastructurevk97dxds8p7vr6w1f8f98m2wxxn81r3t4latestvk97dxds8p7vr6w1f8f98m2wxxn81r3t4monitoringvk97dxds8p7vr6w1f8f98m2wxxn81r3t4

636downloads

2stars

1versions

Updated 4h ago

v1.0.0

MIT-0

Service Watchdog

Lightweight service and endpoint monitoring for self-hosted infrastructure. Checks HTTP endpoints, TCP ports, SSL certificate expiry, and DNS resolution — then reports status in a clean, chat-friendly format.

What It Does

HTTP Health Checks — GET/POST with expected status codes, response time tracking, content matching
TCP Port Checks — Verify services are listening (databases, mail servers, game servers, etc.)
SSL Certificate Monitoring — Days until expiry, issuer info, auto-warn thresholds
DNS Resolution — Verify domains resolve correctly, detect DNS hijacking
Smart Summaries — One-glance status for all your services, with trend data
Alert Logic — Configurable thresholds, cooldowns, and severity levels to prevent alert fatigue

Quick Start

1. Create a watchlist

Create watchdog.json in your workspace root:

{
  "services": [
    {
      "name": "Home Assistant",
      "type": "http",
      "url": "http://192.168.1.100:8123",
      "expect_status": 200,
      "timeout_ms": 5000
    },
    {
      "name": "Proxmox",
      "type": "https",
      "url": "https://proxmox.local:8006",
      "expect_status": 200,
      "ssl_warn_days": 14,
      "timeout_ms": 5000
    },
    {
      "name": "PostgreSQL",
      "type": "tcp",
      "host": "db.local",
      "port": 5432,
      "timeout_ms": 3000
    },
    {
      "name": "My Domain",
      "type": "dns",
      "domain": "example.com",
      "expect_ip": "93.184.216.34"
    }
  ],
  "defaults": {
    "timeout_ms": 5000,
    "ssl_warn_days": 14,
    "alert_cooldown_min": 30,
    "history_retention_days": 30
  }
}

2. Run a check

bash skills/service-watchdog/watchdog.sh

Output example:

🟢 Home Assistant       — 200 OK (142ms)
🟢 Proxmox              — 200 OK (89ms) | SSL: 47 days
🟢 PostgreSQL           — port 5432 open (12ms)
🟢 My Domain            — resolves to 93.184.216.34 ✓
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
4/4 healthy | avg response: 81ms | checked: 2026-02-24 16:30 UTC

3. Detailed report

bash skills/service-watchdog/watchdog.sh --report

Shows trend data: uptime percentage, P95 response times, incident history.

4. JSON output (for cron integration)

bash skills/service-watchdog/watchdog.sh --json

5. Check SSL only

bash skills/service-watchdog/watchdog.sh --ssl-only

6. Alert summary (for messaging)

bash skills/service-watchdog/watchdog.sh --alerts-only

Only outputs services that need attention (down, slow, SSL expiring).

Cron Integration

Add to your OpenClaw cron for continuous monitoring:

Every 5 minutes (lightweight check):

Run `bash skills/service-watchdog/watchdog.sh --json` and report only if any service is unhealthy.

Daily SSL report:

Run `bash skills/service-watchdog/watchdog.sh --ssl-only` and report expiring certificates.

Configuration Reference

Service types

Type	Required Fields	Optional Fields
`http` / `https`	`url`	`expect_status`, `expect_body`, `method`, `headers`, `timeout_ms`, `ssl_warn_days`
`tcp`	`host`, `port`	`timeout_ms`
`dns`	`domain`	`expect_ip`, `nameserver`

Global defaults

Field	Default	Description
`timeout_ms`	5000	Request timeout
`ssl_warn_days`	14	SSL expiry warning threshold
`alert_cooldown_min`	30	Min minutes between repeated alerts
`history_retention_days`	30	How long to keep check history
`history_file`	`watchdog-history.csv`	Path for check history data

How the Agent Should Use This

When the user asks about service status, infrastructure health, or "are my services up?":

Run bash skills/service-watchdog/watchdog.sh for a quick overview
Run with --report for detailed trends and history
Run with --alerts-only for just the problems
Run with --ssl-only to check certificate status
Run with --json when you need structured data for further analysis

For proactive monitoring, run checks in cron jobs and only alert the user when something is wrong.

Requirements

curl (for HTTP/HTTPS checks)
openssl (for SSL certificate checks)
nc or ncat (for TCP port checks) — falls back to bash /dev/tcp if unavailable
dig or nslookup (for DNS checks) — falls back to host command
jq (for JSON config parsing)

All standard on most Linux distributions. No external APIs or accounts needed.

Comments

Loading comments...