mcp-sumologic

v1.0.20

Published

7 months ago

Slim MCP server for Sumo Logic

0High
0Medium
0Low

kostamalsev

MCP Sumo Logic Server

A slim MCP server for Sumo Logic log searches with environment-specific query validation.

Prerequisites

Node.js 18+
Sumo Logic API credentials

Quick Start

npm install
cp env.example .env
# Edit .env with your Sumo Logic credentials
npm run build
npm start

Configuration via CLI flags

You can also pass credentials and endpoint via CLI flags (useful for .cursor/mcp.json). CLI flags take precedence over environment variables:

{
  "mcpServers": {
    "sumologic": {
      "name": "sumologic",
      "command": "node",
      "args": [
        "/absolute/path/to/sumologic-mcp/dist/index.js",
        "--sumo-api-id", "YOUR_ID",
        "--sumo-api-key", "YOUR_KEY",
        "--endpoint", "https://api.au.sumologic.com/api/v1",
        "--prod-env", "true"
      ],
      "cwd": "/absolute/path/to/sumologic-mcp"
    }
  }
}

Environment Configuration

The server supports both local environment variables and AWS SSM Parameter Store for configuration. SSM parameters take priority over local environment variables.

Local Environment Variables

Set these in your .env file:

SUMO_API_ID: Your Sumo Logic API ID
SUMO_API_KEY: Your Sumo Logic API Key
ENDPOINT: Sumo Logic API endpoint (default: https://api.eu.sumologic.com/api)
PROD_ENV: Environment flag for query validation

AWS SSM Parameter Store (Optional)

For production deployments, you can store configuration in AWS SSM Parameter Store:

Environment-Specific Query Validation

The server supports environment-specific query validation through the PROD_ENV flag:

Development Environment (default)

Set PROD_ENV=false in .env or omit the flag
Queries must start with _index=* for better performance
Example: _index=* | _sourceCategory=prod/app

Production Environment

Set PROD_ENV=true in .env or use --prod-env=true
Queries must start with _dataTier=All for proper data access
Example: _dataTier=All | _sourceCategory=prod/app

Usage

The server exposes search_sumologic tool:

query (required): Sumo Logic search query (must follow environment-specific prefix requirements)
from/to (optional): Time range in ISO format

Example: search_sumologic query="_sourceCategory=prod/app"

Development

npm run dev

example of test run: https://www.loom.com/share/60c5e212e55447c8afa9840041da1d15?sid=0aa9f8c9-e3dd-4e55-aab4-b636149bbe46