MCP JSON Database Server

by yusuferenkt

Overview Schema Related Servers Score Discussions

JavaScript

Local

get_all_audit_logs

Retrieve all audit logs from the JSON database server for administrative review and monitoring of system activities.

Instructions

Tüm audit logları getirir (Sadece admin)

Input Schema

TableJSON Schema

Name	Required	Description	Default
`token`	Yes	JWT token
`limit`	No	Gösterilecek log sayısı (varsayılan: 200)

Implementation Reference

src/index.js:812-847 (handler)

MCP tool handler for 'get_all_audit_logs': checks admin permissions via token, calls the getAllAuditLogs helper, audits the access, returns logs or permission error.

case 'get_all_audit_logs': {
  const { token, limit = 200 } = args;
  
  try {
    const user = checkPermissionWithToken(token, PERMISSIONS.AUDIT_READ_ALL);
    const logs = await getAllAuditLogs(limit);
    
    // Tüm audit log erişimini logla (kritik)
    await auditLogger.sensitiveDataAccessed(user.userId, user.role, 'all_audit_logs', { limit });
    
    return {
      content: [{
        type: 'text',
        text: JSON.stringify({
          success: true,
          data: logs,
          total: logs.length,
          requestedBy: { id: user.userId, role: user.role },
          warning: 'Bu tüm sistem audit loglarını içerir - Gizli bilgiler içerebilir'
        }, null, 2)
      }]
    };
  } catch (error) {
    return {
      content: [{
        type: 'text',
        text: JSON.stringify({ 
          success: false, 
          message: error.message,
          requiredPermission: PERMISSIONS.AUDIT_READ_ALL,
          note: 'Tüm audit loglar sadece admin tarafından görüntülenebilir'
        })
      }]
    };
  }
}

src/index.js:320-327 (schema)

Input schema for get_all_audit_logs tool: requires JWT token, optional limit (default 200).

inputSchema: {
  type: 'object',
  properties: {
    token: { type: 'string', description: 'JWT token' },
    limit: { type: 'number', description: 'Gösterilecek log sayısı (varsayılan: 200)' }
  },
  required: ['token']
}

src/index.js:318-328 (registration)

Registration of get_all_audit_logs tool in the MCP ListTools response, defining name, description, and input schema.

  name: 'get_all_audit_logs',
  description: 'Tüm audit logları getirir (Sadece admin)',
  inputSchema: {
    type: 'object',
    properties: {
      token: { type: 'string', description: 'JWT token' },
      limit: { type: 'number', description: 'Gösterilecek log sayısı (varsayılan: 200)' }
    },
    required: ['token']
  }
},

src/audit.js:175-185 (helper)

Helper function that reads the audit logs JSON file and returns the most recent 'limit' number of logs in chronological order (oldest first).

export async function getAllAuditLogs(limit = 200) {
  try {
    const auditData = await readAuditLogs();
    return auditData.logs
      .slice(-limit)
      .reverse();
  } catch (error) {
    console.error('Tüm audit log hatası:', error);
    return [];
  }
}

Tool Definition Quality

B3.3/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden. It discloses the admin-only restriction, which is a key behavioral trait. However, it lacks details on other aspects like rate limits, pagination (implied by 'limit' parameter but not explained), error handling, or what 'all audit logs' entails (e.g., time range, format). For a tool with no annotations, this is a significant gap.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence in Turkish ('Tüm audit logları getirir (Sadece admin)'), which translates to 'Gets all audit logs (Only admin)'. It's front-loaded with the core purpose and includes a critical constraint in parentheses, with zero wasted words.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the complexity (admin-restricted retrieval tool with 2 parameters), no annotations, and no output schema, the description is minimally adequate. It covers the purpose and access restriction but lacks details on behavior, output format, or error cases. For a tool with no structured support, it should do more to be complete.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%, so the schema already documents both parameters ('token' as JWT token and 'limit' with default 200). The description doesn't add any meaning beyond this, such as explaining why the token is required or how 'limit' affects performance. Baseline 3 is appropriate when the schema handles parameter documentation.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the verb ('getirir' meaning 'gets/retrieves') and resource ('tüm audit logları' meaning 'all audit logs'), making the purpose specific. However, it doesn't explicitly distinguish this from sibling tools like 'get_audit_logs_by_category' or 'get_audit_logs_by_date', which would require mentioning that this tool retrieves all logs without filtering.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description includes implicit usage guidance by specifying 'Sadece admin' (meaning 'Only admin'), indicating it's restricted to admin users. However, it doesn't provide explicit alternatives (e.g., when to use this vs. 'get_audit_logs_by_category') or exclusions, leaving some ambiguity about when this tool is preferred over siblings.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/yusuferenkt/mcp-database'

If you have feedback or need assistance with the MCP directory API, please join our Discord server