Log Analyzer MCP

by djm81

search_log_time_based

Search log files within specific time windows to analyze events, with options to filter results and include contextual lines before and after matches.

Instructions

Search logs within a time window, optionally filtering, with context.

Input Schema

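| Name | Required | Description | Default |
|---|---|---|---|
| minutes | No | | |
| hours | No | | |
| days | No | | |
| scope | No | | default |
| context_before | No | | |
| context_after | No | | |
| log_dirs_override | No | | |
| log_content_patterns_override | No | | |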

Output Schema

| Name | Required | Description | Default |
|---|---|---|---|
| result | Yes | | |

Implementation Reference

  • The handler function for 'search_log_time_based' tool. Registered via @mcp.tool() decorator. Builds filter criteria from time-based parameters (days, hours, minutes) and other search params, then invokes analysis_engine.search_logs to retrieve matching log records with context.
    @mcp.tool()
    async def search_log_time_based(
        minutes: int = 0,
        hours: int = 0,
        days: int = 0,
        scope: str = "default",
        context_before: int = 2,
        context_after: int = 2,
        log_dirs_override: str = "",
        log_content_patterns_override: str = "",
    ) -> list[dict[str, Any]]:
        """Search logs within a time window, optionally filtering, with context."""
        logger.info(
            "MCP search_log_time_based called with time=%sd/%sh/%sm, scope='%s', "
            "context=%sB/%sA, log_dirs_override='%s', "
            "log_content_patterns_override='%s'",
            days,
            hours,
            minutes,
            scope,
            context_before,
            context_after,
            log_dirs_override,
            log_content_patterns_override,
        )
    
        if minutes == 0 and hours == 0 and days == 0:
            logger.warning("search_log_time_based called without a time window (all minutes/hours/days are 0).")
    
        log_dirs_list = log_dirs_override.split(",") if log_dirs_override else None
        log_content_patterns_list = log_content_patterns_override.split(",") if log_content_patterns_override else None
    
        filter_criteria = build_filter_criteria(
            minutes=minutes,
            hours=hours,
            days=days,
            scope=scope,
            context_before=context_before,
            context_after=context_after,
            log_dirs_override=log_dirs_list,
            log_content_patterns_override=log_content_patterns_list,
        )
        try:
            results = await asyncio.to_thread(analysis_engine.search_logs, filter_criteria)
            logger.info("search_log_time_based returning %s records.", len(results))
            return results
        except Exception as e:  # pylint: disable=broad-exception-caught
            logger.error("Error in search_log_time_based: %s", e, exc_info=True)
            custom_message = f"Failed to search time-based logs: {e!s}"
            raise McpError(ErrorData(code=-32603, message=custom_message)) from e
  • Pydantic input schema for the search_log_time_based tool, extending BaseSearchInput with time-based fields: minutes, hours, days.
    class SearchLogTimeBasedInput(BaseSearchInput):
        """Input for search_log_time_based."""
    
        minutes: int = Field(default=0, description="Search logs from the last N minutes.", ge=0)
        hours: int = Field(default=0, description="Search logs from the last N hours.", ge=0)
        days: int = Field(default=0, description="Search logs from the last N days.", ge=0)
    
        # Custom validation to ensure at least one time field is set if others are default (0)
        # Pydantic v2: @model_validator(mode='after')
        # Pydantic v1: @root_validator(pre=False)
        # For simplicity here, relying on tool logic to handle it, or can add validator if needed.
  • Base Pydantic schema shared by search tools including search_log_time_based, defining common parameters: scope, context_before, context_after, log_dirs_override, log_content_patterns_override.
    class BaseSearchInput(BaseModel):
        """Base model for common search parameters."""
    
        scope: str = Field(default="default", description="Logging scope to search within (from .env scopes or default).")
        context_before: int = Field(default=2, description="Number of lines before a match.", ge=0)
        context_after: int = Field(default=2, description="Number of lines after a match.", ge=0)
        log_dirs_override: str = Field(
            default="",
            description="Comma-separated list of log directories, files, or glob patterns (overrides .env for file locations).",
        )
        log_content_patterns_override: str = Field(
            default="",
            description="Comma-separated list of REGEX patterns for log messages (overrides .env content filters).",
        )
  • The @mcp.tool() decorator registers the search_log_time_based function as an MCP tool.
    @mcp.tool()
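
As an added example (not code from the project), a stand-alone pre-check for the handler's inputs: it rejects the all-zero time window that the handler only logs a warning about, and shows what splitting `log_content_patterns_override` on commas does to a regex that itself contains a comma. The helper names `time_window`, `split_patterns` and `check_patterns` are hypothetical, and rejecting a zero window is an assumed policy.

```python
import re
from datetime import timedelta


class InvalidSearchInput(ValueError):
    """Raised before the search runs, so bad input never reaches the engine."""


def time_window(minutes: int = 0, hours: int = 0, days: int = 0) -> timedelta:
    """Combine the three fields; reject negative values and an all-zero window."""
    if min(minutes, hours, days) < 0:
        raise InvalidSearchInput("minutes, hours and days must be >= 0")
    window = timedelta(minutes=minutes, hours=hours, days=days)
    if not window:
        raise InvalidSearchInput("set at least one of minutes, hours or days")
    return window


def split_patterns(override: str) -> list[str]:
    """Split on every comma as the handler does, then trim and drop empties."""
    return [part.strip() for part in override.split(",") if part.strip()]


def check_patterns(override: str) -> tuple[list[str], list[str]]:
    """Return (fragments that compile, error messages for fragments that do not)."""
    good, errors = [], []
    for fragment in split_patterns(override):
        try:
            re.compile(fragment)
            good.append(fragment)
        except re.error as exc:
            errors.append(f"{fragment!r}: {exc}")
    return good, errors


if __name__ == "__main__":
    # Constructed inputs, not taken from the project.
    print(time_window(hours=1, minutes=30))
    print(check_patterns(r"ERROR,timeout"))      # two valid patterns
    print(check_patterns(r"(refused,reset)"))    # both halves fail to compile
    print(check_patterns(r"status=\d{3,4}"))     # compiles, but as two wrong patterns
```

The last case is the one a compile check cannot catch: a quantifier such as `{3,4}` is cut at the comma and both halves still compile, so the search runs with patterns the caller never wrote.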
Behavior: 2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. While it mentions 'optionally filtering' and 'with context,' it doesn't explain what 'context' means in practice, what format results are returned in, whether this is a read-only operation, or any performance characteristics. For an 8-parameter tool with no annotation coverage, this is insufficient.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness: 5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is extremely concise - a single sentence that efficiently communicates the core functionality. Every word earns its place: 'Search logs' (action), 'within a time window' (primary constraint), 'optionally filtering' (additional capability), 'with context' (extra feature). No wasted words or redundancy.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness: 3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's complexity (8 parameters, no annotations, but has output schema), the description is minimally adequate. The output schema existence means return values don't need explanation in the description. However, for a search tool with multiple sibling alternatives and no behavioral annotations, the description should provide more guidance on usage scenarios and result interpretation.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters: 2/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

With 0% schema description coverage for all 8 parameters, the description provides minimal help. It mentions 'time window,' 'filtering,' and 'context,' which loosely map to some parameters (minutes/hours/days for time, log_content_patterns_override for filtering, context_before/after for context), but doesn't explain parameter relationships, defaults, or how overrides work. The description doesn't adequately compensate for the complete lack of schema descriptions.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose: 4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Search logs within a time window, optionally filtering, with context.' This specifies the verb (search), resource (logs), and key features (time-based, filtering, context). However, it doesn't explicitly differentiate from siblings like search_log_all_records or search_log_first_n_records beyond the time-based aspect.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines: 2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. With siblings like search_log_all_records and search_log_first_n_records available, there's no indication of when time-based searching is preferable over other log search methods. The description only states what the tool does, not when to choose it.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/djm81/log_analyzer_mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server.