en es ja ko zh

Datadog MCP Server

by Nozomuts

Overview Schema Related Servers Score Discussions

TypeScript

Remote

search_logs

Search Datadog logs using query filters, time ranges, and pagination to retrieve monitoring data for analysis.

Instructions

Tool for searching Datadog logs

Input Schema

TableJSON Schema

Name	Required	Description	Default
`filterQuery`	No	Query string to search logs (optional, default is '*')	*
`filterFrom`	No	Search start time (UNIX timestamp in seconds, optional, default is 15 minutes ago)
`filterTo`	No	Search end time (UNIX timestamp in seconds, optional, default is current time)
`pageLimit`	No	Maximum number of logs to retrieve (optional, default is 25)
`pageCursor`	No	Cursor to retrieve the next page (optional)

Implementation Reference

src/tools/logs/search.ts:107-136 (handler)

MCP tool handler for 'search_logs': validates parameters using Zod schema, calls the core searchLogs function with converted dates, generates a markdown summary of results and a Datadog link, returns success/error response.

export const searchLogsHandler = async (
  parameters: z.infer<typeof searchLogsZodSchema>
): Promise<ToolResponse> => {
  const validation = searchLogsZodSchema.safeParse(parameters);
  if (!validation.success) {
    return createErrorResponse(
      `Parameter validation error: ${validation.error.message}`
    );
  }

  try {
    // Convert to Date objects after validation
    const validatedParams = {
      ...validation.data,
      filterFrom: new Date(validation.data.filterFrom * 1000),
      filterTo: new Date(validation.data.filterTo * 1000),
    };

    const result = await searchLogs(validatedParams);

    const summaryText = generateSummaryText(validation.data, result);
    const urlText = `[View in Datadog](https://app.datadoghq.com/logs?query=${encodeURIComponent(
      validation.data.filterQuery
    )}&start=${validation.data.filterFrom}&end=${validation.data.filterTo})`;
    return createSuccessResponse([summaryText, urlText]);
  } catch (error: unknown) {
    const errorMessage = error instanceof Error ? error.message : String(error);
    return createErrorResponse(`Log search error: ${errorMessage}`);
  }
};

src/tools/logs/search.ts:6-37 (schema)

Zod schema defining input parameters for the search_logs tool: filterQuery, filterFrom, filterTo, pageLimit, pageCursor with defaults and descriptions.

export const searchLogsZodSchema = z.object({
  filterQuery: z
    .string()
    .optional()
    .default("*")
    .describe("Query string to search logs (optional, default is '*')"),
  filterFrom: z
    .number()
    .optional()
    .default(Date.now() / 1000 - 15 * 60)
    .describe(
      "Search start time (UNIX timestamp in seconds, optional, default is 15 minutes ago)"
    ),
  filterTo: z
    .number()
    .optional()
    .default(Date.now() / 1000)
    .describe(
      "Search end time (UNIX timestamp in seconds, optional, default is current time)"
    ),
  pageLimit: z
    .number()
    .min(1)
    .max(1000)
    .optional()
    .default(25)
    .describe("Maximum number of logs to retrieve (optional, default is 25)"),
  pageCursor: z
    .string()
    .optional()
    .describe("Cursor to retrieve the next page (optional)"),
});

src/index.ts:18-23 (registration)

Registration of the 'search_logs' tool on the MCP server using the schema and handler.

server.tool(
  "search_logs",
  "Tool for searching Datadog logs",
  searchLogsZodSchema.shape,
  searchLogsHandler
);

src/datadog/logs/search.ts:5-41 (helper)

Core helper function that performs the actual Datadog logs API search using listLogsGet, maps response to Log objects, handles pagination cursor and errors.

export const searchLogs = async (
  params: LogSearchParams
): Promise<LogSearchResult> => {
  try {
    const configuration = createConfiguration();
    const logsApi = new v2.LogsApi(configuration);

    const response = await logsApi.listLogsGet(params);

    if (!response.data || response.data.length === 0) {
      return { logs: [] };
    }

    const logs = response.data.map((logData) => ({
      id: logData.id || "",
      host: logData.attributes?.host,
      service: logData.attributes?.service,
      status: logData.attributes?.status,
      timestamp: logData.attributes?.timestamp
        ? new Date(logData.attributes.timestamp).toISOString()
        : undefined,
      tags: logData.attributes?.tags || [],
      attributes: logData.attributes || {},
      message: logData.attributes?.message,
    }));
    const nextCursor = response.meta?.page?.after;

    return {
      logs,
      nextCursor,
    };
  } catch (error: unknown) {
    const errorMessage = error instanceof Error ? error.message : String(error);
    console.error(`Error searching logs: ${errorMessage}`);
    throw new Error(`Datadog API error: ${errorMessage}`);
  }
};

Tool Definition Quality

C2.6/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations provided, the description carries full burden for behavioral disclosure but only states the basic function. It doesn't mention authentication needs, rate limits, pagination behavior beyond the cursor parameter, error handling, or what the output looks like (especially critical since there's no output schema). For a search tool with 5 parameters and no annotations, this is inadequate.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness4/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence with no wasted words. It's appropriately sized for a basic tool description, though it could be more informative while remaining concise.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (5 parameters, no annotations, no output schema, and sibling tools), the description is incomplete. It doesn't help the agent understand what the tool returns, how to interpret results, or how it differs from similar tools. For a search operation with multiple parameters and no output schema, more context is needed.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so all parameters are documented in the schema. The description adds no additional meaning about parameters beyond implying a search function. It doesn't explain query syntax, time format nuances, or how pagination works in practice. Baseline 3 is appropriate when the schema does the heavy lifting.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose3/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Tool for searching Datadog logs' states the basic action (searching) and resource (Datadog logs), but it's vague about scope and doesn't differentiate from sibling tools like 'search_spans'. It doesn't specify what kind of logs or what search capabilities exist beyond the basic verb+resource.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No guidance is provided on when to use this tool versus alternatives like 'search_spans' or 'aggregate_spans'. The description doesn't mention any context, prerequisites, or exclusions for usage, leaving the agent with no comparative information.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Nozomuts/datadog-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server