@dynatrace-oss/dynatrace-mcp-server
Advanced tools
Model Context Protocol (MCP) server for Dynatrace
This local MCP server allows interaction with the Dynatrace observability platform. Bring real-time observability data directly into your development workflow.
Important: While this local MCP server is provided for free, using it to access data in Dynatrace Grail may incur additional costs based
on your Dynatrace consumption model. This affects execute_dql tool and other capabilities that query Dynatrace Grail storage, and costs
depend on the volume (GB scanned/billed).
Before using this MCP server extensively, please:
Note: We will be providing a way to monitor Query Usage of the dynatrace-mcp-server in the future.
Note: While Davis CoPilot AI is generally available (GA), the Davis CoPilot APIs are currently in preview. For more information, visit the Davis CoPilot Preview Community.
Enhance your AI assistant with comprehensive Dynatrace observability analysis capabilities through our streamlined workshop rules. These rules provide hierarchical workflows for security, compliance, incident response, and distributed systems investigation.
Copy the comprehensive rule files from the rules/ directory to your AI assistant's rules directory:
IDE-Specific Locations:
.amazonq/rules/ (project) or ~/.aws/amazonq/rules/ (global).cursor/rules/ (project) or via Settings → Rules (global).windsurfrules/ (project) or via Customizations → Rules (global).clinerules/ (project) or ~/Documents/Cline/Rules/ (global).github/copilot-instructions.md (project only)Then initialize the agent in your AI chat:
load dynatrace mcp
The workshop rules unlock advanced observability analysis modes:
The rules are organized in a context-window optimized structure:
rules/
├── DynatraceMcpIntegration.md # 🎯 MAIN ORCHESTRATOR
├── workflows/ # 🔧 ANALYSIS WORKFLOWS
│ ├── incidentResponse.md # Core incident investigation
│ ├── DynatraceSecurityCompliance.md # Security & compliance analysis
│ ├── DynatraceDevOpsIntegration.md # CI/CD automation
│ └── dataSourceGuides/ # 📊 DATA ANALYSIS GUIDES
│ ├── dataInvestigation.md # Logs, services, processes
│ └── DynatraceSpanAnalysis.md # Transaction tracing
└── reference/ # 📚 TECHNICAL DOCUMENTATION
├── DynatraceQueryLanguage.md # DQL syntax foundation
├── DynatraceExplore.md # Field discovery patterns
├── DynatraceSecurityEvents.md # Security events schema
└── DynatraceProblemsSpec.md # Problems schema reference
Key Architectural Benefits:
For detailed information about the workshop rules, see the Rules README.
You can add this MCP server (using STDIO) to your MCP Client like VS Code, Claude, Cursor, Amazon Q Developer CLI, Windsurf Github Copilot via the package @dynatrace-oss/dynatrace-mcp-server.
We recommend to always set it up for your current workspace instead of using it globally.
VS Code
{
"servers": {
"npx-dynatrace-mcp-server": {
"command": "npx",
"cwd": "${workspaceFolder}",
"args": ["-y", "@dynatrace-oss/dynatrace-mcp-server@latest"],
"envFile": "${workspaceFolder}/.env"
}
}
}
Please note: In this config, the ${workspaceFolder} variable is used.
This only works if the config is stored in the current workspaces, e.g., <your-repo>/.vscode/mcp.json. Alternatively, this can also be stored in user-settings, and you can define env as follows:
{
"servers": {
"npx-dynatrace-mcp-server": {
"command": "npx",
"args": ["-y", "@dynatrace-oss/dynatrace-mcp-server@latest"],
"env": {
"OAUTH_CLIENT_ID": "",
"OAUTH_CLIENT_SECRET": "",
"DT_ENVIRONMENT": ""
}
}
}
}
Claude Desktop
{
"mcpServers": {
"mobile-mcp": {
"command": "npx",
"args": ["-y", "@dynatrace-oss/dynatrace-mcp-server@latest"],
"env": {
"OAUTH_CLIENT_ID": "",
"OAUTH_CLIENT_SECRET": "",
"DT_ENVIRONMENT": ""
}
}
}
}
Amazon Q Developer CLI
The Amazon Q Developer CLI provides an interactive chat experience directly in your terminal. You can ask questions, get help with AWS services, troubleshoot issues, and generate code snippets without leaving your command line environment.
{
"mcpServers": {
"mobile-mcp": {
"command": "npx",
"args": ["-y", "@dynatrace-oss/dynatrace-mcp-server@latest"],
"env": {
"OAUTH_CLIENT_ID": "",
"OAUTH_CLIENT_SECRET": "",
"DT_ENVIRONMENT": ""
}
}
}
}
This configuration should be stored in <your-repo>/.amazonq/mcp.json.
For scenarios where you need to run the MCP server as an HTTP service instead of using stdio (e.g., for stateful sessions, load balancing, or integration with web clients), you can use the HTTP server mode:
Running as HTTP server:
# Get help and see all available options
npx -y @dynatrace-oss/dynatrace-mcp-server --help
# Run with HTTP server on default port 3000
npx -y @dynatrace-oss/dynatrace-mcp-server --http
# Run with custom port (using short or long flag)
npx -y @dynatrace-oss/dynatrace-mcp-server --server -p 8080
npx -y @dynatrace-oss/dynatrace-mcp-server --http --port 3001
# Run with custom host/IP (using short or long flag)
npx -y @dynatrace-oss/dynatrace-mcp-server --http --host 127.0.0.1
npx -y @dynatrace-oss/dynatrace-mcp-server --http -H 192.168.0.1
# Check version
npx -y @dynatrace-oss/dynatrace-mcp-server --version
Configuration for MCP clients that support HTTP transport:
{
"mcpServers": {
"dynatrace-http": {
"url": "http://localhost:3000",
"transport": "http"
}
}
}
Configuration for MCP clients that support HTTP transport:
{
"mcpServers": {
"dynatrace-http": {
"url": "http://localhost:3000",
"transport": "http"
}
}
}
For efficient result retrieval from Dynatrace, please consider creating a rule file (e.g., .github/copilot-instructions.md, .amazonq/rules/), instructing coding agents on how to get more details for your component/app/service. Here is an example for easytrade, please adapt the names and filters to fit your use-cases and components:
# Observability
We use Dynatrace as an Observability solution. This document provides instructions on how to get data for easytrade from Dynatrace using DQL.
## How to get any data for my App
Depending on the query and tool used, the following filters can be applied to narrow down results:
* `contains(entity.name, "easytrade")`
* `contains(affected_entity.name, "easytrade")`
* `contains(container.name, "easytrade")`
For best results, you can combine these filters with an `OR` operator.
## Logs
To fetch logs for easytrade, execute `fetch logs | filter contains(container.name, "easyatrade")`.
For fetching just error-logs, add `| filter loglevel == "ERROR"`.
You can set up authentication via OAuth Client or Platform Tokens (v0.5.0 and newer) via the following environment variables:
DT_ENVIRONMENT (string, e.g., https://abc12345.apps.dynatrace.com) - URL to your Dynatrace Platform (do not use Dynatrace classic URLs like abc12345.live.dynatrace.com)OAUTH_CLIENT_ID (string, e.g., dt0s02.SAMPLE) - Dynatrace OAuth Client IDOAUTH_CLIENT_SECRET (string, e.g., dt0s02.SAMPLE.abcd1234) - Dynatrace OAuth Client SecretDT_PLATFORM_TOKEN (string, e.g., dt0s16.SAMPLE.abcd1234) - Dynatrace Platform Token (limited support, as not all scopes are available; see below)For more information, please have a look at the documentation about creating an Oauth Client in Dynatrace, as well as creating a Platform Token in Dynatrace.
In addition, depending on the features you use, the following variables can be configured:
SLACK_CONNECTION_ID (string) - connection ID of a Slack ConnectionDepending on the features you are using, the following scopes are needed:
app-engine:apps:run - needed for almost all tools
app-engine:functions:run - needed for for almost all tools
environment-api:entities:read - for retrieving ownership details from monitored entities (currently not available for Platform Tokens)
automation:workflows:read - read Workflows
automation:workflows:write - create and update Workflows
automation:workflows:run - run Workflows
storage:buckets:read - needed for execute_dql tool to read all system data stored on Grail
storage:logs:read - needed for execute_dql tool to read logs for reliability guardian validations
storage:metrics:read - needed for execute_dql tool to read metrics for reliability guardian validations
storage:bizevents:read - needed for execute_dql tool to read bizevents for reliability guardian validations
storage:spans:read - needed for execute_dql tool to read spans from Grail
storage:entities:read - needed for execute_dql tool to read Entities from Grail
storage:events:read - needed for execute_dql tool to read Events from Grail
storage:security.events:read- needed for execute_dql tool to read Security Events from Grail
storage:system:read - needed for execute_dql tool to read System Data from Grail
storage:user.events:read - needed for execute_dql tool to read User events from Grail
storage:user.sessions:read - needed for execute_dql tool to read User sessions from Grail
davis-copilot:conversations:execute - execute conversational skill (chat with Copilot)
davis-copilot:nl2dql:execute - execute Davis Copilot Natural Language (NL) to DQL skill
davis-copilot:dql2nl:execute - execute DQL to Natural Language (NL) skill
settings:objects:read - needed for reading ownership information and Guardians (SRG) from settings
Note: Please ensure that settings:objects:read is used, and not the similarly named scope app-settings:objects:read.
Use these example prompts as a starting point. Just copy them into your IDE or agent setup, adapt them to your services/stack/architecture, and extend them as needed. They're here to help you imagine how real-time observability and automation work together in the MCP context in your IDE.
Write a DQL query from natural language:
Show me error rates for the payment service in the last hour
Explain a DQL query:
What does this DQL do?
fetch logs | filter dt.source_entity == 'SERVICE-123' | summarize count(), by:{severity} | sort count() desc
Chat with Davis CoPilot:
How can I investigate slow database queries in Dynatrace?
Multi-phase incident response:
Our checkout service is experiencing high error rates. Start a systematic 4-phase incident investigation:
1. Detect and triage the active problems
2. Assess user impact and affected services
3. Perform cross-data source analysis (problems → spans → logs)
4. Identify root cause with file/line-level precision
Cross-service failure analysis:
We have cascading failures across our microservices architecture.
Analyze the entity relationships and trace the failure propagation from the initial problem
through all downstream services. Show me the correlation timeline.
Latest-scan vulnerability assessment:
Perform a comprehensive security analysis using the latest scan data:
- Check for new vulnerabilities in our production environment
- Focus on critical and high-severity findings
- Provide evidence-based remediation paths
- Generate risk scores with team-specific guidance
Multi-cloud compliance monitoring:
Run a compliance assessment across our AWS, Azure, and Kubernetes environments.
Check for configuration drift and security posture changes in the last 24 hours.
Deployment health gate analysis:
Our latest deployment is showing performance degradation.
Run deployment health gate analysis with:
- Golden signals monitoring (Rate, Errors, Duration, Saturation)
- SLO/SLI validation with error budget calculations
- Generate automated rollback recommendation if needed
Infrastructure as Code remediation:
Generate Infrastructure as Code templates to remediate the current alert patterns.
Include automated scaling policies and resource optimization recommendations.
Business logic error investigation:
Our payment processing is showing intermittent failures.
Perform advanced transaction analysis:
- Extract exception details with full stack traces
- Correlate with deployment events and ArgoCD changes
- Identify the exact code location causing the issue
Performance correlation analysis:
Analyze the performance impact across our distributed system for the slow checkout flow.
Show me the complete trace analysis with business context and identify bottlenecks.
Find open vulnerabilities on production, setup alert:
I have this code snippet here in my IDE, where I get a dependency vulnerability warning for my code.
Check if I see any open vulnerability/cve on production.
Analyze a specific production problem.
Setup a workflow that sends Slack alerts to the #devops-alerts channel when availability problems occur.
Debug intermittent 503 errors:
Our load balancer is intermittently returning 503 errors during peak traffic.
Pull all recent problems detected for our front-end services and
run a query to correlate error rates with service instance health indicators.
I suspect we have circuit breakers triggering, but need confirmation from the telemetry data.
Correlate memory issue with logs:
There's a problem with high memory usage on one of our hosts.
Get the problem details and then fetch related logs to help understand
what's causing the memory spike? Which file in this repo is this related to?
Trace request flow analysis:
Our users are experiencing slow checkout processes.
Can you execute a DQL query to show me the full request trace for our checkout flow,
so I can identify which service is causing the bottleneck?
Analyze Kubernetes cluster events:
Our application deployments seem to be failing intermittently.
Can you fetch recent events from our "production-cluster"
to help identify what might be causing these deployment issues?
In most cases, something is wrong with the OAuth Client. Please ensure that you have added all scopes as requested above. In addition, please ensure that your user also has all necessary permissions on your Dynatrace Environment.
In case of any problems, you can troubleshoot SSO/OAuth issues based on our Dynatrace Developer Documentation and providing the list of scopes.
It is recommended to try access the following API (which requires minimal scopes app-engine:apps:run and app-engine:functions:run):
curl --request POST 'https://sso.dynatrace.com/sso/oauth2/token' \
--header 'Content-Type: application/x-www-form-urlencoded' \
--data-urlencode 'grant_type=client_credentials' \
--data-urlencode 'client_id={your-client-id}' \
--data-urlencode 'client_secret={your-client-secret}' \
--data-urlencode 'scope=app-engine:apps:run app-engine:functions:run'
access_token from the response of the above call as the bearer-token in the next call:curl -X GET https://abc12345.apps.dynatrace.com/platform/management/v1/environment \
-H 'accept: application/json' \
-H 'Authorization: Bearer {your-bearer-token}'
{
"environmentId": "abc12345",
"createTime": "2023-01-01T00:10:57.123Z",
"blockTime": "2025-12-07T00:00:00Z",
"state": "ACTIVE"
}
Grail has a dedicated section about permissions in the Dynatrace Docs. Please refer to https://docs.dynatrace.com/docs/discover-dynatrace/platform/grail/data-model/assign-permissions-in-grail for more details.
For local development purposes, you can use VSCode and GitHub Copilot.
First, enable Copilot for your Workspace .vscode/settings.json:
{
"github.copilot.enable": {
"*": true
}
}
and make sure that you are using Agent Mode in Copilot.
Second, add the MCP to .vscode/mcp.json:
{
"servers": {
"my-dynatrace-mcp-server": {
"command": "node",
"args": ["--watch", "${workspaceFolder}/dist/index.js"],
"envFile": "${workspaceFolder}/.env"
}
}
}
Third, create a .env file in this repository (you can copy from .env.template) and configure environment variables as described above.
Finally, make changes to your code and compile it with npm run build or just run npm run watch and it auto-compiles.
When you are preparing for a release, you can use GitHub Copilot to guide you through the preparations.
In Visual Studio Code, you can use /release in the chat with Copilot in Agent Mode, which will execute release.prompt.md.
You may include additional information such as the version number. If not specified, you will be asked.
This will
This product is not officially supported by Dynatrace. Please contact us via GitHub Issues if you have feature requests, questions, or need help.
0.5.0 (Release Candidate 4)
--http/--server, --port, and --host arguments (default remains stdio for backward compatibility)find_entity_by_name tool to include all entities from the Smartscape topology.get_monitored_entity_details tool to use direct entity type lookup for better performance.FAQs
Model Context Protocol (MCP) server for Dynatrace
The npm package @dynatrace-oss/dynatrace-mcp-server receives a total of 861 weekly downloads. As such, @dynatrace-oss/dynatrace-mcp-server popularity was classified as not popular.
We found that @dynatrace-oss/dynatrace-mcp-server demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 4 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
/Research
Malicious npm package impersonates Nodemailer and drains wallets by hijacking crypto transactions across multiple blockchains.
Security News
This episode explores the hard problem of reachability analysis, from static analysis limits to handling dynamic languages and massive dependency trees.
Security News
/Research
Malicious Nx npm versions stole secrets and wallet info using AI CLI tools; Socket’s AI scanner detected the supply chain attack and flagged the malware.