mcp-amazon-cloudwatch-logs

mcp-amazon-cloudwatch-logs

3.2
monitoring

If you are the rightful owner of mcp-amazon-cloudwatch-logs and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

A Model Context Protocol (MCP) server for interacting with Amazon CloudWatch Logs services.

Amazon CloudWatch Logs MCP Server

A Model Context Protocol (MCP) server that provides tools for interacting with Amazon CloudWatch Logs services. This server enables AI assistants to manage CloudWatch logs through a standardized interface using AWS SDK.

Note: This project is currently under active development and not yet ready for production use. Features and APIs may change significantly before the first stable release.

Overview

This MCP server allows AI assistants to interact with Amazon CloudWatch Logs through the Model Context Protocol. It provides a standardized interface for performing various CloudWatch Logs operations, enabling comprehensive management and monitoring of log data.

Quick Start

Prerequisites

  • AWS account with CloudWatch Logs access
  • AWS access key and secret key with appropriate permissions
  • Node.js (for npm installation) or Docker

Installation

Choose one of the following installation methods:

Option 1: npm Package
# Install the package
npm install -g @hyorimitsu/amazon-cloudwatch-logs-mcp-server

# Configure in your AI assistant's configuration
# See Configuration section below
Option 2: Docker Image
# Pull the Docker image
docker pull ghcr.io/hyorimitsu/mcp-amazon-cloudwatch-logs:latest

# Configure in your AI assistant's configuration
# See Configuration section below
Option 3: Local Development Build
# Clone the repository
git clone https://github.com/hyorimitsu/mcp-amazon-cloudwatch-logs.git
cd mcp-amazon-cloudwatch-logs

# Install dependencies
pnpm install

# Build the project
pnpm run build

# Configure in your AI assistant's configuration
# See Configuration section below

Configuration

Add the server to your AI assistant's configuration:

For npm Installation
{
  "mcpServers": {
    "amazon-cloudwatch-logs": {
      "command": "amazon-cloudwatch-logs-mcp-server",
      "env": {
        "AWS_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY>",
        "AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_KEY>"
      }
    }
  }
}
For Docker Installation
{
  "mcpServers": {
    "amazon-cloudwatch-logs": {
      "command": "docker",
      "args": [
        "run",
        "-i",
        "--rm",
        "-e",
        "AWS_REGION",
        "-e",
        "AWS_ACCESS_KEY_ID",
        "-e",
        "AWS_SECRET_ACCESS_KEY",
        "ghcr.io/hyorimitsu/mcp-amazon-cloudwatch-logs"
      ],
      "env": {
        "AWS_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY>",
        "AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_KEY>"
      }
    }
  }
}
For Local Development Build
{
  "mcpServers": {
    "amazon-cloudwatch-logs": {
      "command": "node",
      "args": ["/path/to/mcp-amazon-cloudwatch-logs/build/index.js"],
      "env": {
        "AWS_REGION": "us-east-1",
        "AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY>",
        "AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_KEY>"
      }
    }
  }
}

Environment Variables

VariableRequiredDescriptionDefault
AWS_REGIONNoThe AWS region where your CloudWatch Logs resources are locatedus-east-1
AWS_ACCESS_KEY_IDYesYour AWS access key ID for authentication-
AWS_SECRET_ACCESS_KEYYesYour AWS secret access key for authentication-
READONLYNoWhen set to "true", only read operations are allowedfalse

Read-Only Mode

Enable read-only mode by setting the READONLY environment variable to "true":

"env": {
  "AWS_REGION": "us-east-1",
  "AWS_ACCESS_KEY_ID": "<YOUR_ACCESS_KEY>",
  "AWS_SECRET_ACCESS_KEY": "<YOUR_SECRET_KEY>",
  "READONLY": "true"
}

In read-only mode:

  • Only READ operations (tools that retrieve or query information) are available
  • WRITE operations (tools that create, modify, or delete resources) are disabled

This is useful for scenarios where you want to allow log viewing but prevent any modifications to your CloudWatch Logs resources.

Available Tools

Log Group Operations

Tool NameOperation TypeDescription
create_log_groupWRITECreates a log group with the specified name. You can create up to 1,000,000 log groups per Region per account.
describe_log_groupsREADLists the specified log groups. You can list all your log groups or filter the results by prefix. The results are ASCII-sorted by log group name.
delete_log_groupWRITEDeletes the specified log group and permanently deletes all the archived log events associated with the log group.

Log Stream Operations

Tool NameOperation TypeDescription
create_log_streamWRITECreates a log stream for the specified log group. A log stream is a sequence of log events that originate from a single source, such as an application instance or a resource that is being monitored.
describe_log_streamsREADLists the log streams for the specified log group. You can list all the log streams or filter the results by prefix. You can also control how the results are ordered.
delete_log_streamWRITEDeletes the specified log stream and permanently deletes all the archived log events associated with the log stream.

Log Event Operations

Tool NameOperation TypeDescription
put_log_eventsWRITEUploads a batch of log events to the specified log stream.
get_log_eventsREADLists log events from the specified log stream. You can list all of the log events or filter using a time range.
filter_log_eventsREADLists log events from the specified log group. You can list all log events, or filter the results by one or more of the following: a filter pattern, a time range, or the log stream name (or a log stream name prefix that matches multiple log streams).

Insights Operations

Tool NameOperation TypeDescription
start_queryREADStarts a query of one or more log groups using CloudWatch Logs Insights. You specify the log groups and time range to query and the query string to use.
stop_queryREADStops a CloudWatch Logs Insights query that is in progress. If the query has already ended, the operation returns an error indicating that the specified query is not running.
get_query_resultsREADReturns the results from the specified query.
describe_queriesREADReturns a list of CloudWatch Logs Insights queries that are scheduled, running, or have been run recently in this account. You can request all queries or limit it to queries of a specific log group or queries with a certain status.

For detailed documentation on each tool, including parameters and examples, see TOOLS.md.

Development

For information on developing and extending this project, please see CONTRIBUTING.md.

License

This project is licensed under the MIT License - see the file for details.

Related MCP Servers

View all monitoring servers →
mcp-grafana

mcp-grafana

3.8

by grafana

A Model Context Protocol (MCP) server for Grafana providing access to your Grafana instance and its ecosystem.

monitoring
LitterBox

LitterBox

3.7

by BlackSnufkin

LitterBox is a controlled sandbox environment for security professionals to develop and test payloads, offering advanced analysis capabilities.

security
mcp-jfrog

mcp-jfrog

3.6

by jfrog

Model Context Protocol (MCP) Server for the JFrog Platform API, enabling repository management, build tracking, release lifecycle management, and more.

developer_tools
logfire-mcp

logfire-mcp

3.6

by pydantic

Logfire MCP Server is a Model Context Protocol server that allows LLMs to access and analyze OpenTelemetry traces and metrics sent to Logfire.

monitoring
openalex-mcp

openalex-mcp

3.6

by hbiaou

OpenAlex MCP Server is a Node.js server using Express and Axios to proxy queries to the OpenAlex API.

developer_tools
mcp-server-datadog

mcp-server-datadog

3.6

by winor30

MCP server for the Datadog API, enabling incident management and more.

monitoring
jvm-mcp-server

jvm-mcp-server

3.5

by xzq-xu

A JVM monitoring MCP server implementation based on Arthas, providing a simple and easy-to-use Python interface for monitoring and analyzing Java processes.

monitoring
mcp

mcp

3.5

by PostHog

PostHog MCP is a server that allows integration with PostHog's API for managing feature flags, tracking errors, and more.

monitoring
mcp-monitor

mcp-monitor

3.5

by polishedcat

A system monitoring tool that exposes system metrics via the Model Context Protocol (MCP).

monitoring
mcp-architect

mcp-architect

3.4

by squirrelogic

A Model Context Protocol server that provides comprehensive architectural expertise through specialized agents, resources, and tools.

cloud_platforms
mcp_newrelic

mcp_newrelic

3.4

by Ivlad003

A simple Model Context Protocol (MCP) server for querying New Relic logs using NRQL queries.

monitoring
alibabacloud-observability-mcp-server

alibabacloud-observability-mcp-server

3.4

by aliyun

阿里云可观测MCP服务提供了一系列访问阿里云可观测各产品的工具能力,支持阿里云日志服务SLS、阿里云应用实时监控服务ARMS等。

monitoring
WiresharkMCP

WiresharkMCP

3.4

by shubham-s-pandey

Wireshark-MCP Integration Toolkit is a powerful integration between Wireshark and MCP that enables natural language interaction with network analysis through Claude Desktop.

developer_tools
mcp-server-kibana

mcp-server-kibana

3.4

by TocharianOU

A Kibana MCP server implementation that allows any MCP-compatible client to access your Kibana instance via natural language or programmatic requests.

cloud_platforms
grafana-loki-mcp

grafana-loki-mcp

3.4

by tumf

A FastMCP server that allows querying Loki logs from Grafana.

monitoring
skywalking-mcp

skywalking-mcp

3.4

by apache

SkyWalking-MCP is a Model Context Protocol server designed to integrate AI agents with SkyWalking OAP and its ecosystem.

monitoring
k8s-ai

k8s-ai

3.4

by hariohmprasath

AI-Powered Kubernetes Management (MCP + Agent)

developer_tools
prometheus-mcp-server

prometheus-mcp-server

3.4

by tjhop

This is an MCP server to allow LLMs to interact with a running Prometheus instance via the API to do things like generate and execute promql queries, list and analyze metrics, etc.

monitoring
mcp-shodan

mcp-shodan

3.4

by ADEOSec

A Model Context Protocol (MCP) server developed by ADEO Cybersecurity Services, providing access to Shodan and VirusTotal APIs for security analysis and threat intelligence.

security
reportportal-mcp-server

reportportal-mcp-server

3.4

by reportportal

The ReportPortal MCP Server allows users to interact with ReportPortal directly from chat interfaces like GitHub Copilot or Claude to query and analyze test execution results.

developer_tools
aranet4-mcp-server

aranet4-mcp-server

3.3

by diegobit

MCP server to manage your Aranet4 CO2 sensor, built upon Aranet4-Python.

monitoring
stdout-mcp-server

stdout-mcp-server

3.3

by amitdeshmukh

A Model Context Protocol (MCP) server that captures and manages stdout logs through a named pipe system.

developer_tools
jaeger-mcp-server

jaeger-mcp-server

3.3

by serkan-ozal

MCP Server for Jaeger, facilitating communication with Jaeger instances using the MCP protocol.

monitoring
nr-mcp

nr-mcp

3.3

by ducduyn31

nr-mcp is a server that allows AI agents to query New Relic for debugging incidents.

developer_tools
openwrt-mcp-server

openwrt-mcp-server

3.3

by morninglight-el

openwrt-mcp-server is a lightweight and extensible MCP server designed for OpenWrt-based devices, enabling communication with AI systems using MQTT and HTTP.

os_automation
alertmanager-mcp-server

alertmanager-mcp-server

3.3

by ntk148v

Prometheus Alertmanager MCP is a Model Context Protocol server for Prometheus Alertmanager, enabling AI assistants to manage Alertmanager resources programmatically.

monitoring
MISP-MCP-SERVER

MISP-MCP-SERVER

3.3

by bornpresident

A Model Context Protocol (MCP) server that integrates with the MISP (Malware Information Sharing Platform) to provide threat intelligence capabilities to Large Language Models.

security