Which integrations are available for this server?

Provides 37 tools for interacting with Sumo Logic, enabling search and analytics, monitor management, alert management, dashboard management, collector and source management, and metrics queries.

How do I use sumo-logic-mcp?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@sumo-logic-mcp list all monitors with critical status" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

sumo-logic-mcp

by rajfirke

Overview Schema Related Servers Score Discussions

Python

Remote

sumo-logic-mcp

MCP server for Sumo Logic — 37 tools for searching logs, managing monitors, alerts, dashboards, collectors, and metrics.

Zero hardcoded org-specific values. Any team can plug in their own credentials and start querying immediately.

Quick Start

1. Install

pip install sumo-logic-mcp

2. Get Sumo Logic Credentials

Generate an Access Key in the Sumo Logic UI: Preferences > Security > Access Keys.

You need:

Access ID — the key identifier
Access Key — the secret (shown only once at creation)
API Endpoint — depends on your deployment region (see table below)

3. Configure Your MCP Client

Add to your MCP client configuration (e.g., ~/.cursor/mcp.json or equivalent):

{
  "mcpServers": {
    "sumologic": {
      "command": "python3",
      "args": ["-m", "sumo_logic_mcp"],
      "env": {
        "SUMOLOGIC_ACCESS_ID": "<your-access-id>",
        "SUMOLOGIC_ACCESS_KEY": "<your-access-key>",
        "SUMOLOGIC_ENDPOINT": "https://api.sumologic.com"
      }
    }
  }
}

Or run directly:

export SUMOLOGIC_ACCESS_ID="your-access-id"
export SUMOLOGIC_ACCESS_KEY="your-access-key"
export SUMOLOGIC_ENDPOINT="https://api.sumologic.com"
python3 -m sumo_logic_mcp

Related MCP server: Overwatch MCP

API Endpoints by Region

Deployment	API Endpoint
US1	`https://api.sumologic.com`
US2	`https://api.us2.sumologic.com`
EU	`https://api.eu.sumologic.com`
AU	`https://api.au.sumologic.com`
CA	`https://api.ca.sumologic.com`
DE	`https://api.de.sumologic.com`
IN	`https://api.in.sumologic.com`
JP	`https://api.jp.sumologic.com`
KR	`https://api.kr.sumologic.com`
FED	`https://api.fed.sumologic.com`

Determine yours from your Sumo Logic login URL (e.g., service.us2.sumologic.com → US2).

Tool Reference

Search & Analytics (4 tools)

Tool	Description	Required Params
`search_logs`	Execute a log search (full lifecycle: create job → poll → fetch → cleanup)	`query`
`get_search_status`	Check status of a running search job	`job_id`
`get_search_results`	Fetch messages or records from a search job	`job_id`
`cancel_search`	Cancel a running search job	`job_id`

search_logs optional params: from_time (default -15m), to_time (default now), timezone (default UTC), limit (default 100), by_receipt_time, timeout (default 300s).

Time formats: ISO 8601 (2024-01-15T09:00:00), relative (-15m, -1h, -2d, -1w), epoch ms (1718745600000), or now.

Monitor Management (10 tools)

Tool	Description	Required Params
`list_monitors`	List all monitors	—
`search_monitors`	Search by name or status filter	`query`
`get_monitor`	Get full monitor configuration	`monitor_id`
`create_monitor`	Create a new monitor	`name`, `query`, `threshold`
`update_monitor`	Update monitor config (read-modify-write)	`monitor_id`, `fields_json`
`delete_monitor`	Delete a monitor (irreversible)	`monitor_id`
`enable_monitor`	Enable a disabled monitor	`monitor_id`
`disable_monitor`	Disable a monitor	`monitor_id`
`get_monitor_status`	Get current health/triggering state	`monitor_id`
`get_monitor_history`	Get alert history for a monitor	`monitor_id`

Search filter examples: monitorStatus:Critical, monitorStatus:Warning, monitorStatus:AllTriggered.

Alert Management (3 tools)

Tool	Description	Required Params
`get_active_alerts`	Get all currently firing alerts	—
`get_alert_details`	Get detailed alert info for a monitor	`monitor_id`
`resolve_alert`	Resolve an alert by disabling its monitor	`monitor_id`

Dashboard Management (5 tools)

Tool	Description	Required Params
`list_dashboards`	List dashboards with pagination	—
`get_dashboard`	Get full dashboard config	`dashboard_id`
`create_dashboard`	Create a dashboard with panels and layout	`title`, `panels_json`, `layout_json`
`update_dashboard`	Update dashboard config (read-modify-write)	`dashboard_id`, `fields_json`
`delete_dashboard`	Delete a dashboard (irreversible)	`dashboard_id`

Collector & Source Management (8 tools)

Tool	Description	Required Params
`list_collectors`	List all collectors	—
`get_collector`	Get collector configuration	`collector_id`
`create_hosted_collector`	Create a new Hosted collector	`name`
`update_collector`	Update collector config (with ETag locking)	`collector_id`, `fields_json`
`delete_collector`	Delete a collector and its sources	`collector_id`
`list_sources`	List sources on a collector	`collector_id`
`get_source`	Get source configuration	`collector_id`, `source_id`
`create_http_source`	Create an HTTP source (returns endpoint URL)	`collector_id`, `name`

Metrics (4 tools)

Tool	Description	Required Params
`query_metrics`	Execute a metrics query	`query`
`list_metric_definitions`	Discover available metric names	—
`get_metric_metadata`	Get dimensions for a metric	`metric_name`
`list_metric_namespaces`	List metric content types	—

Utility (3 tools)

Tool	Description	Required Params
`check_connection`	Verify API connectivity and auth	—
`get_account_usage`	Get account status and ingestion info	—
`validate_query`	Check if a query is syntactically valid	`query`

Usage Examples

Once configured, just ask your AI assistant naturally:

"Search for 500 errors in the last hour"
→ AI calls search_logs with appropriate query

"Show me all critical alerts"
→ AI calls get_active_alerts with status=Critical

"Create a monitor for high error rates on our API"
→ AI calls create_monitor with query, threshold, and notification params

"List all hosted collectors"
→ AI calls list_collectors with filter_type=hosted

"What CPU metrics are available?"
→ AI calls list_metric_definitions

Development

git clone https://github.com/rajfirke/sumo-logic-mcp.git
cd sumo-logic-mcp
python3 -m venv .venv
source .venv/bin/activate
pip install -e ".[dev]"

# Lint
ruff check src/ tests/

# Test
pytest -v

# Run locally
export SUMOLOGIC_ACCESS_ID="..."
export SUMOLOGIC_ACCESS_KEY="..."
export SUMOLOGIC_ENDPOINT="https://api.sumologic.com"
python3 -m sumo_logic_mcp

Architecture

src/sumo_logic_mcp/
├── __init__.py          # Exports mcp, triggers tool registration
├── __main__.py          # Entry point: python -m sumo_logic_mcp
├── server.py            # FastMCP instance + lifespan (shared HTTP client)
├── client.py            # Async HTTP client (httpx, Basic Auth, retry, cookies)
├── validation.py        # Time parsing and validation
└── tools/
    ├── __init__.py      # Imports all tool modules
    ├── search.py        # 4 search tools
    ├── monitors.py      # 10 monitor tools
    ├── alerts.py        # 3 alert tools
    ├── dashboards.py    # 5 dashboard tools
    ├── collectors.py    # 8 collector/source tools
    ├── metrics.py       # 4 metrics tools
    └── utils.py         # 3 utility tools

Design Decisions

Zero org-specific config — Only 3 env vars needed: access ID, access key, endpoint. No hardcoded indexes, source categories, or query patterns.
Cookie persistence — httpx's built-in cookie jar handles Sumo's session routing (requests without cookies get 404/500).
Timezone passed through — The timeZone parameter is always sent to the API, defaulting to UTC. The reference implementation silently dropped it.
NOT STARTED is valid — Sumo's search API returns "NOT STARTED" as an initial state. We treat it as an intermediate polling state (the reference treated it as fatal).
Job cleanup — Search jobs are always deleted in a finally block after fetching results.
ETag locking — Collector updates use If-Match headers for optimistic concurrency control.
Aware datetimes only — All time operations use datetime.now(timezone.utc), never the deprecated datetime.utcnow().

License

Apache 2.0 — see LICENSE.

This server cannot be installed

license - permissive license

quality - not tested

maintenance

How are these scores calculated?

Maintenance

–Maintainers

–Response time

–Release cycle

–Releases (12mo)

Commit activity

Resources

GitHub Repository

Need Help?

Related Servers

Unclaimed servers have limited discoverability.

Looking for Admin?

If you are the server author, to access and configure the admin panel.

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rajfirke/sumo-logic-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server