MCP Sumo Logic

A Model Context Protocol (MCP) server that integrates with Sumo Logic's API to perform log searches.

Features

Search Sumo Logic logs using custom queries
Configurable time ranges for searches
Error handling and detailed logging
Docker support for easy deployment

Environment Variables

ENDPOINT=https://api.au.sumologic.com/api/v1  # Sumo Logic API endpoint
SUMO_API_ID=your_api_id                       # Sumo Logic API ID
SUMO_API_KEY=your_api_key                     # Sumo Logic API Key

Setup

Clone the repository
Install dependencies:
npm install
Create a .env file with the required environment variables
Build the project:
npm run build
Start the server:
npm start

Docker Setup

Build the Docker image:
docker build -t mcp/sumologic .
Run the container (choose one method):a. Using environment variables directly:
docker run -e ENDPOINT=your_endpoint -e SUMO_API_ID=your_api_id -e SUMO_API_KEY=your_api_key mcp/sumologic
b. Using a .env file:
docker run --env-file .env mcp/sumologic
Note: Make sure your .env file contains the required environment variables:
ENDPOINT=your_endpoint SUMO_API_ID=your_api_id SUMO_API_KEY=your_api_key

Usage

The server exposes a search-sumologic tool that accepts the following parameters:

query (required): The Sumo Logic search query
from (optional): Start time in ISO 8601 format
to (optional): End time in ISO 8601 format

Example query:

const query = '_index=app_pro_fiat_cont | json auto | fields log_identifier';
const results = await search(sumoClient, query, {
  from: '2024-02-23T00:00:00Z',
  to: '2024-02-24T00:00:00Z',
});

Error Handling

The server includes comprehensive error handling and logging:

API errors are caught and logged with details
Search job status is monitored and logged
Network and authentication issues are properly handled

Development

To run in development mode:

npm run dev

For testing:

npm test