datadog mcp

Instructions

Implementation Reference

• src/tools/searchLogs.ts:43-113 (handler)

  The core handler function that performs the POST request to Datadog's /api/v2/logs/events/search endpoint using fetch, handles authentication, applies limits, and processes errors.
  execute: async (params: SearchLogsParams) => { try { const { apiKey = process.env.DD_API_KEY, appKey = process.env.DD_APP_KEY, filter, sort, page, limit } = params; if (!apiKey || !appKey) { throw new Error("API Key and App Key are required"); } const apiInstance = new v2.LogsApi(configuration); // Use a more flexible approach with POST // Create the search request based on API docs const body = { filter: filter, sort: sort, page: page }; // Use DD_LOGS_SITE environment variable instead of DD_SITE const apiUrl = `https://${ process.env.DD_LOGS_SITE || "datadoghq.com" }/api/v2/logs/events/search`; const headers = { "Content-Type": "application/json", "DD-API-KEY": apiKey, "DD-APPLICATION-KEY": appKey }; const response = await fetch(apiUrl, { method: "POST", headers: headers, body: JSON.stringify(body) }); if (!response.ok) { throw { status: response.status, message: await response.text() }; } const data = await response.json(); // Apply client-side limit if specified if (limit && data.data && data.data.length > limit) { data.data = data.data.slice(0, limit); } return data; } catch (error: any) { if (error.status === 403) { console.error( "Authorization failed (403 Forbidden): Check that your API key and Application key are valid and have sufficient permissions to access logs." ); throw new Error( "Datadog API authorization failed. Please verify your API and Application keys have the correct permissions." ); } else { console.error("Error searching logs:", error); throw error; } } }
• src/index.ts:219-235 (schema)

  Zod schema defining the input parameters for the search-logs tool, including filter query, time ranges, sorting, pagination, and limit.
  filter: z .object({ query: z.string().optional(), from: z.string().optional(), to: z.string().optional(), indexes: z.array(z.string()).optional() }) .optional(), sort: z.string().optional(), page: z .object({ limit: z.number().optional(), cursor: z.string().optional() }) .optional(), limit: z.number().default(100) },
• src/index.ts:215-242 (registration)

  Registers the search-logs tool with the MCP server, specifying the tool name, description, input schema, and a thin wrapper handler that delegates to searchLogs.execute.
  server.tool( "search-logs", "Search logs in Datadog with advanced filtering options. Use filter.query for search terms (e.g., 'service:web-app status:error'), from/to for time ranges (e.g., 'now-15m', 'now'), and sort to order results. Essential for investigating application issues.", { filter: z .object({ query: z.string().optional(), from: z.string().optional(), to: z.string().optional(), indexes: z.array(z.string()).optional() }) .optional(), sort: z.string().optional(), page: z .object({ limit: z.number().optional(), cursor: z.string().optional() }) .optional(), limit: z.number().default(100) }, async (args) => { const result = await searchLogs.execute(args); return { content: [{ type: "text", text: JSON.stringify(result) }] }; } );
• src/tools/searchLogs.ts:23-41 (helper)

  Initializes the Datadog API client configuration with auth keys and site-specific server variables for the logs API.
  initialize: () => { const configOpts = { authMethods: { apiKeyAuth: process.env.DD_API_KEY, appKeyAuth: process.env.DD_APP_KEY } }; configuration = client.createConfiguration(configOpts); if (process.env.DD_LOGS_SITE) { configuration.setServerVariables({ site: process.env.DD_LOGS_SITE }); } // Enable any unstable operations configuration.unstableOperations["v2.listLogsGet"] = true; },