mcp sumologic

A Model Context Protocol (MCP) server that integrates with Sumo Logic's API to perform log searches.

Features

• Search Sumo Logic logs using custom queries
• Configurable time ranges for searches
• Error handling and detailed logging
• Docker support for easy deployment

Environment Variables

ENDPOINT=https://api.au.sumologic.com/api/v1  # Sumo Logic API endpoint
SUMO_API_ID=your_api_id                       # Sumo Logic API ID
SUMO_API_KEY=your_api_key                     # Sumo Logic API Key

Setup

1. Clone the repository
2. Install dependencies:

   npm install

3. Create a .env file with the required environment variables
4. Build the project:

   npm run build

5. Start the server:

   npm start

Docker Setup

1. Build the Docker image:

   docker build -t mcp/sumologic .

2. Run the container (choose one method):

a. Using environment variables directly:

docker run -e ENDPOINT=your_endpoint -e SUMO_API_ID=your_api_id -e SUMO_API_KEY=your_api_key mcp/sumologic

b. Using a .env file:

docker run --env-file .env mcp/sumologic

Note: Make sure your .env file contains the required environment variables:

ENDPOINT=your_endpoint
SUMO_API_ID=your_api_id
SUMO_API_KEY=your_api_key

Usage

The server exposes a search-sumologic tool that accepts the following parameters:

• query (required): The Sumo Logic search query
• from (optional): Start time in ISO 8601 format
• to (optional): End time in ISO 8601 format

Example query:

const query = '_index=app_pro_fiat_cont | json auto | fields log_identifier';
const results = await search(sumoClient, query, {
  from: '2024-02-23T00:00:00Z',
  to: '2024-02-24T00:00:00Z',
});

Error Handling

The server includes comprehensive error handling and logging: - API errors are caught and logged with details - Search job status is monitored and logged - Network and authentication issues are properly handled

Development

To run in development mode:

npm run dev

For testing:

npm test