nickohold/coralogix-mcp-server
If you are the rightful owner of coralogix-mcp-server and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
The Coralogix MCP Server is a tool that allows AI agents to query Coralogix logs using Lucene or DataPrime syntax.
Coralogix MCP Server
MCP server exposing a Coralogix query tool for AI agents.
Overview
This Model Context Protocol (MCP) server provides a coralogix_query tool that allows AI agents to query Coralogix logs and perform aggregations using either Lucene or DataPrime syntax.
Installation
Install the MCP server using npm:
npx -y @nickholden/coralogix-mcp-server@latest
MCP Configuration
Add this configuration to your MCP settings file (e.g., cline_mcp_settings.json):
"coralogix-mcp-server": {
"autoApprove": [
"coralogix_query"
],
"disabled": false,
"timeout": 60,
"type": "stdio",
"command": "npx",
"args": [
"-y",
"@nickholden/coralogix-mcp-server@latest"
],
"env": {
"CORALOGIX_API_KEY": "PUT_YOUR_API_KEY_HERE",
"CORALOGIX_REGION": "auto"
}
}
Getting a Coralogix API Key
- Log in to your Coralogix account
- Navigate to Settings → API Keys
- Create a new API key with appropriate permissions for querying logs
- Copy the key and replace
PUT_YOUR_API_KEY_HEREin the configuration above
Regional Configuration
The server automatically detects your Coralogix region, but you can configure it explicitly:
Environment Variables:
CORALOGIX_REGION: Set toeu,us1,us2,ap1,ap2, orauto(default: auto-detect)
Supported Regions:
eu: Europe (coralogix.com)us1: US East (us1.coralogix.com)us2: US West (us2.coralogix.com)ap1: Asia Pacific India (app.coralogix.in)ap2: Asia Pacific Singapore (coralogixsg.com)
If region auto-detection fails, check your API key and network connectivity.
Development Setup
For local development:
git clone https://github.com/nickohold/coralogix-mcp-server.git
cd coralogix-mcp-server
npm install
npm run build
Usage
Tool Schema
The server exposes a single tool: coralogix_query
Parameters:
query(string, required): Lucene/DataPrime query stringsyntax(string, optional):"QUERY_SYNTAX_LUCENE"or"QUERY_SYNTAX_DATAPRIME"(default)startDate(string, optional): ISO-8601 start date (default: now - 15 min)endDate(string, optional): ISO-8601 end date (default: now)limit(integer, optional): Maximum results (1-1000)
Example Usage with AI Agent
Query recent error logs:
{
"tool": "coralogix_query",
"arguments": {
"query": "source logs | filter severity == `Error`",
"syntax": "QUERY_SYNTAX_DATAPRIME",
"limit": 50
}
}
Search for specific text in logs:
{
"tool": "coralogix_query",
"arguments": {
"query": "error OR failed",
"syntax": "QUERY_SYNTAX_LUCENE",
"startDate": "2025-06-11T12:00:00.000Z",
"endDate": "2025-06-11T13:00:00.000Z"
}
}
Count logs by application:
{
"tool": "coralogix_query",
"arguments": {
"query": "source logs | count by applicationName"
}
}
Development
Setup
git clone <repository>
cd coralogix-mcp-server
npm install
Build
npm run build
Watch Mode
npm run watch
Testing
npm test
Inspector
Use the MCP inspector to test the server:
npm run inspector
API Reference
Coralogix Query Syntax
The server supports both Lucene and DataPrime query syntaxes:
Lucene Examples:
error OR failed- Search for logs containing "error" or "failed"severity:Error- Filter by severity levelapplicationName:"my-app" AND level:ERROR- Complex filtering
DataPrime Examples:
source logs | filter severity == 'Error'- Filter error logssource logs | count by applicationName- Count by applicationsource logs | filter timestamp > now() - 1h- Recent logs
Default Behavior
- Time Range: If no
startDate/endDateprovided, queries the last 15 minutes - Syntax: Defaults to
QUERY_SYNTAX_DATAPRIMEif not specified - Timeout: Requests timeout after 30 seconds
Error Handling
The server provides detailed error messages for:
- Missing or invalid API key
- Invalid query parameters
- Coralogix API errors
- Network timeouts
License
MIT