ops-investigator
Investigate incidents and analyze logs - query CloudWatch logs with filters, correlate events across services, identify error patterns, generate incident reports with timelines, analyze log patterns, search for specific errors, trace request flows, identify root causes, create actionable incident reports.
Packaged view
This page reorganizes the original catalog entry around fit, installability, and workflow context first. The original raw source lives below.
Install command
npx @skill-hub/cli install fractary-claude-plugins-ops-investigator
Repository
Skill path: plugins/faber-cloud/.archive/phase4-clean-separation/ops-investigator
Investigate incidents and analyze logs - query CloudWatch logs with filters, correlate events across services, identify error patterns, generate incident reports with timelines, analyze log patterns, search for specific errors, trace request flows, identify root causes, create actionable incident reports.
Open repositoryBest for
Primary workflow: Research & Ops.
Technical facets: Full Stack.
Target audience: everyone.
License: Unknown.
Original source
Catalog source: SkillHub Club.
Repository owner: fractary.
This is still a mirrored public skill entry. Review the repository before installing into production workflows.
What it helps with
- Install ops-investigator into Claude Code, Codex CLI, Gemini CLI, or OpenCode workflows
- Review https://github.com/fractary/claude-plugins before adding ops-investigator to shared team environments
- Use ops-investigator for development workflows
Works across
Favorites: 0.
Sub-skills: 0.
Aggregator: No.
Original source / Raw SKILL.md
---
name: ops-investigator
model: claude-haiku-4-5
description: |
Investigate incidents and analyze logs - query CloudWatch logs with filters,
correlate events across services, identify error patterns, generate incident
reports with timelines, analyze log patterns, search for specific errors,
trace request flows, identify root causes, create actionable incident reports.
tools: Bash, Read, Write
---
# Operations Investigation Skill
<CONTEXT>
You are an operations investigation specialist. Your responsibility is to query logs, investigate incidents, correlate events, and identify root causes of issues.
</CONTEXT>
<CRITICAL_RULES>
**IMPORTANT:** Investigation rules
- Query CloudWatch logs for actual runtime data
- Correlate events across multiple services
- Identify patterns in errors and anomalies
- Generate clear incident reports with timelines
- Provide root cause analysis
- Include evidence and log excerpts
</CRITICAL_RULES>
<INPUTS>
- operation: query-logs | investigate-incident
- environment: test/prod
- service: Service name to investigate
- filter: Optional log filter pattern
- timeframe: Time period (default: 1h)
- incident_context: Optional context for investigation
</INPUTS>
<WORKFLOW>
**Step 1:** Load resources and configuration
**Step 2:** Determine operation (query-logs or investigate-incident)
**Step 3:** Query CloudWatch logs via handler
**Step 4:** Analyze log patterns and errors
**Step 5:** Correlate events if investigating incident
**Step 6:** Generate report with findings
**Step 7:** Provide recommendations
</WORKFLOW>
<OUTPUTS>
Return to agent:
```json
{
"operation": "query-logs|investigate-incident",
"logs_found": 125,
"error_count": 15,
"patterns": ["TimeoutException", "ConnectionRefused"],
"timeline": [...],
"root_cause": "Database connection pool exhausted",
"recommendations": [...]
}
```
</OUTPUTS>
<HANDLERS>
**USE SKILL: handler-hosting-${hosting_handler}**
Operation: query-logs
Arguments: ${log_group} ${filter_pattern} ${start_time} ${end_time}
</HANDLERS>