OpenClaw Token Burn Diagnosis & Multi-Channel Optimization

Content

{
  "steps": [
    {
      "order": 1,
      "action": "Run openclaw doctor --non-interactive"
    },
    {
      "order": 2,
      "action": "Check logs: openclaw logs --limit 500 --json | grep -i \"401|unauthorized|exited\""
    },
    {
      "order": 3,
      "action": "Count cascading errors: grep error logs | sort | uniq -c (>10/hour = cascade)"
    },
    {
      "order": 4,
      "action": "Identify failing subsystem: highest error count = target channel"
    },
    {
      "order": 5,
      "action": "Check auth_age: openclaw doctor | grep channel; if >1440 min, stale"
    },
    {
      "order": 6,
      "action": "Disable channel: openclaw config set channels.[channel] null"
    },
    {
      "order": 7,
      "action": "Verify fallback healthy: openclaw doctor | grep ok status"
    },
    {
      "order": 8,
      "action": "Monitor 24h: token usage should trend back to baseline"
    },
    {
      "order": 9,
      "action": "Add weekly cron: check auth_age, alert if >1440 min, auto-disable if >2880 min"
    }
  ],
  "tools_required": [
    "openclaw",
    "grep/sort/uniq",
    "gateway config API"
  ],
  "expected_output": "Incident report: root cause, circuit breaker deployed, token burn restored to baseline, prevention rules added",
  "trigger_condition": "Daily token usage exceeds baseline by >200% OR historical spike detected"
}