Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| OO_TOKEN | No | Bearer token for authentication. | |
| OO_ORG_ID | No | Optional organization ID. Required if the credentials have access to more than one organization. | |
| OO_BASE_URL | No | Base URL of the OpenObserve server (e.g., https://openobserve.example.com) | |
| OO_PASSWORD | No | Password for basic authentication. | |
| OO_USERNAME | No | Username for basic authentication. | |
| OO_AUTH_MODE | No | Authentication mode to use ('basic' or 'bearer'). | |
| OO_VERIFY_SSL | No | Whether to verify SSL certificates (true/false). | true |
| OO_CONFIG_FILE | No | Optional explicit path to a config file (.env format). | |
| OO_TIMEOUT_SECONDS | No | Timeout for requests in seconds. | 20 |
Capabilities
Features and capabilities supported by this server
| Capability | Details |
|---|---|
| tools | {
"listChanged": false
} |
| prompts | {
"listChanged": false
} |
| resources | {
"subscribe": false,
"listChanged": false
} |
| experimental | {} |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| list_streams | List streams available in the current organization. |
| get_stream_schema | Get schema information for a specific stream. Increase fields_limit to inspect more fields from large schemas. |
| search_logs | Run a full SQL search against OpenObserve logs. Supports WHERE, ORDER BY, GROUP BY, and aggregate functions, e.g. SELECT level, count(*) AS cnt FROM stream_name GROUP BY level ORDER BY cnt DESC. Time values are Unix timestamps in microseconds. Tip: 1 hour = 3_600_000_000 us, 1 day = 86_400_000_000 us. The limit parameter sets the API page size; if your SQL also includes LIMIT, the smaller effective result wins. output_format can be 'records' or 'columns'; 'columns' is especially useful for wide SELECT * queries and can save roughly 35-40% tokens. record_profile can be 'generic' or 'kubernetes_compact'; the Kubernetes compact profile trims common noisy metadata fields such as pod labels and pod IP metadata. |
| search_around | Fetch records around a specific log entry. key must be the target record's _timestamp value in microseconds. output_format can be 'records' or 'columns' for a more token-efficient table shape. record_profile can be 'generic' or 'kubernetes_compact'. |
| search_values | Get distinct field values for a stream over a time range. filter_query uses OpenObserve's _values filter syntax, e.g. kubernetes_pod_namespace=litellm. Simple SQL-like equality such as kubernetes_pod_namespace='litellm' is normalized automatically. Time values are Unix timestamps in microseconds. Tip: 1 hour = 3_600_000_000 us, 1 day = 86_400_000_000 us. In this tool, total means the number of field groups returned, not the total number of matching log records. |
| list_dashboards | List dashboards in the current organization. |
| get_dashboard | Get a dashboard definition by id. |
| get_latest_traces | Get the latest trace data from a trace stream. Time values are Unix timestamps in microseconds. |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |