Available Tools¶
AWS Logs MCP provides several tools for interacting with AWS CloudWatch Logs and CloudTrail events.
CloudWatch Logs¶
cloudWatchLogGroups¶
List available CloudWatch Log Groups with optional filtering.
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
prefix | string | No | Filter log groups by prefix |
limit | number | No | Maximum number of log groups to return (default: 50) |
Example:
{
"tool": "cloudWatchLogGroups",
"params": {
"prefix": "/aws/lambda/",
"limit": 10
}
}
Response:
The response contains a list of log groups with details:
[
{
"logGroupName": "/aws/lambda/my-function",
"creationTime": "2023-01-15T12:30:45.000Z",
"metricFilterCount": 0,
"arn": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/lambda/my-function:*",
"storedBytes": 1234567
},
...
]
cloudWatchLogs¶
Retrieve logs from CloudWatch with various filtering options.
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
logGroupName | string | Yes | The name of the log group to query |
logStreamName | string | No | Specific log stream name |
filterPattern | string | No | Filter pattern to apply to logs |
startTime | string | No | Start time for log retrieval (ISO format or relative like -30m, -1h, -1d) |
endTime | string | No | End time for log retrieval (ISO format) |
limit | number | No | Maximum number of log events to return (default: 100) |
Example:
{
"tool": "cloudWatchLogs",
"params": {
"logGroupName": "/aws/lambda/my-function",
"filterPattern": "ERROR",
"startTime": "-1h",
"limit": 50
}
}
Response:
The response contains formatted log events:
[2023-01-15T14:30:12.345Z] ERROR: Unable to connect to database
[2023-01-15T14:35:22.678Z] ERROR: Timeout waiting for response from external API
CloudTrail Events¶
cloudTrailEvents¶
Retrieve events from CloudTrail with various filtering options.
Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
eventName | string | No | Filter events by name (e.g., "CreateFunction", "InvokeFunction") |
username | string | No | Filter events by AWS username |
resourceName | string | No | Filter events by resource name |
resourceType | string | No | Filter events by resource type |
startTime | string | No | Start time for event retrieval (ISO format or relative like -30m, -1h, -1d) |
endTime | string | No | End time for event retrieval (ISO format) |
limit | number | No | Maximum number of events to return (default: 50) |
Example:
{
"tool": "cloudTrailEvents",
"params": {
"eventName": "CreateFunction",
"startTime": "-1d",
"limit": 25
}
}
Response:
The response contains formatted CloudTrail events:
[
{
"eventTime": "2023-01-15T10:23:45.000Z",
"eventName": "CreateFunction",
"username": "admin",
"resources": [
{
"resourceType": "AWS::Lambda::Function",
"resourceName": "my-new-function"
}
],
"eventSource": "lambda.amazonaws.com",
"eventId": "abcdef12-3456-7890-abcd-ef1234567890",
"readOnly": false
},
...
]
Testing Connections¶
testAwsConnection¶
Test AWS connectivity with current credentials.
Parameters: None
Example:
{
"tool": "testAwsConnection",
"params": {}
}
Response:
The response indicates whether the connection to AWS services was successful:
{
"success": true,
"message": "Successfully connected to AWS services",
"details": {
"identity": {
"accountId": "123456789012",
"arn": "arn:aws:sts::123456789012:assumed-role/MyRole/session-name"
},
"services": [
{
"name": "CloudWatchLogs",
"status": "available"
},
{
"name": "CloudTrail",
"status": "available"
}
]
}
}
Error Handling¶
All tools return standardized error responses when issues occur:
{
"error": "ERROR_CODE",
"message": "Human-readable error message",
"timestamp": "2023-01-15T12:34:56.789Z",
"service": "CloudWatchLogs",
"operation": "listLogGroups"
}
Common error codes include: - VALIDATION_ERROR: Invalid parameters - AWS_SERVICE_ERROR: AWS service-related errors - AUTHENTICATION_ERROR: AWS credential issues - PERMISSION_ERROR: Insufficient permissions - INTERNAL_ERROR: Server-side issues