Official Datadog MCP Server for connecting Claude, Codex, Cursor, and other MCP clients to Datadog observability, incidents, logs, metrics, traces, dashboards, monitors, notebooks, services, and security signals.
Treat Datadog MCP Server as a production observability and operations interface. It can expose live incidents, monitors, logs, metrics, traces, dashboards, notebooks, services, RUM events, hosts, SLOs, and security context to the connected assistant., Datadog separates the main remote MCP Server from the narrower local Code Security MCP Server. Use this entry for Datadog telemetry and platform tools; use the Code Security MCP Server only when the task is explicitly local SAST, SCA, IaC, secrets, or SBOM scanning., Enable the smallest useful toolsets first. Use `toolsets` and `omit_tools` to keep context, permissions, and accidental action surface smaller than `toolsets=all`., Some tools can create or edit Datadog resources such as monitors and notebooks. Require human review for generated monitor definitions, alerting changes, incident updates, notebook edits, workflow actions, or any operation that could page a team or change production observability state., Datadog documents MCP-specific RBAC permissions as well as normal underlying resource permissions. A user who can connect the MCP Server may still need separate read or write permissions for monitors, logs, APM, dashboards, notebooks, incidents, services, and other products., The MCP Server has fair-use limits documented as 50 requests per 10 seconds for tool-call bursts and 50,000 monthly tool calls, and Datadog notes that those limits are subject to change., Datadog states that the MCP Server is under significant development. Review the official docs and available tool list before relying on a remembered tool name, permission, limit, or behavior.
Privacy notes
Datadog says all MCP Server tool calls are recorded in Audit Trail with MCP metadata including tool name, arguments, user identity, and MCP client., Datadog also emits MCP usage metrics such as `datadog.mcp.session.starts` and `datadog.mcp.tool.usage`, tagged with values including user ID, user email, client name, and tool name., Remote Datadog MCP Server usage can include prompts, transitions to and from the Datadog login page, errors, user identifiers, and context leading to MCP tool usage; Datadog documents that this data is stored for 120 days., Tool results can include production logs, traces, metric values, monitor states, dashboard names, notebook contents, incidents, service catalog metadata, host data, security findings, RUM events, team ownership, and operational timelines., Claude transcripts, Codex logs, IDE logs, screenshots, exported notebooks, support bundles, and incident summaries can retain Datadog-derived data outside Datadog's normal access controls and retention policies., Datadog describes the MCP Server as HIPAA-eligible, but users remain responsible for confirming that any connected AI tool, client, workflow, and retention path meets their compliance requirements.
Author
Datadog
Submitted by
oktofeesh1
Claim status
unclaimed
Last verified
2026-06-04
Decision playbook
Review trust signals before you adopt
Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.
Compare context
Selected
0
Current score
78
Baseline
—
Delta
No baseline selected
No major trust-signal divergence detected in the current selection.
Source and provenance checks
Complete
Confirm ownership and provenance before trusting install instructions.
Source link availableRequired
Open the canonical repository and verify ownership.
Done
Source provenance statusRequired
Marked as source-backed.
Done
Metadata reviewed
Registry metadata indicates a reviewed listing.
Done
Safety and privacy checks
Complete
Validate risk disclosures before installation or API wiring.
Safety notes presentRequired
Review the listed safety guidance before running commands.
Done
Privacy notes presentRequired
Review data handling notes before connecting accounts or secrets.
Done
Trust level risk gateRequired
Trust level does not block evaluation.
Done
Package and install checks
Needs review
Check package metadata and artifact integrity signals.
Install payload available
Install or copy payload is available for review.
Done
Package verification flag
No package verification flag provided.
Pending
Checksum metadata
No checksum provided for downloaded artifact.
Pending
Compare-driven decision checks
Needs review
Use compare context to validate trade-offs before adoption.
Compare tray has multiple entries
Add at least one more entry to compare trust differences.
7 safety and 6 privacy notes across 6 risk areas. Review closely: credentials & tokens, permissions & scopes, network access.
6 areas
SafetyData retentionTreat Datadog MCP Server as a production observability and operations interface. It can expose live incidents, monitors, logs, metrics, traces, dashboards, notebooks, services, RUM events, hosts, SLOs, and security context to the connected assistant.
SafetyCredentials & tokensDatadog separates the main remote MCP Server from the narrower local Code Security MCP Server. Use this entry for Datadog telemetry and platform tools; use the Code Security MCP Server only when the task is explicitly local SAST, SCA, IaC, secrets, or SBOM scanning.
SafetyPermissions & scopesEnable the smallest useful toolsets first. Use `toolsets` and `omit_tools` to keep context, permissions, and accidental action surface smaller than `toolsets=all`.
SafetyGeneralSome tools can create or edit Datadog resources such as monitors and notebooks. Require human review for generated monitor definitions, alerting changes, incident updates, notebook edits, workflow actions, or any operation that could page a team or change production observability state.
SafetyPermissions & scopesDatadog documents MCP-specific RBAC permissions as well as normal underlying resource permissions. A user who can connect the MCP Server may still need separate read or write permissions for monitors, logs, APM, dashboards, notebooks, incidents, services, and other products.
SafetyNetwork accessThe MCP Server has fair-use limits documented as 50 requests per 10 seconds for tool-call bursts and 50,000 monthly tool calls, and Datadog notes that those limits are subject to change.
SafetyPermissions & scopesDatadog states that the MCP Server is under significant development. Review the official docs and available tool list before relying on a remembered tool name, permission, limit, or behavior.
PrivacyGeneralDatadog says all MCP Server tool calls are recorded in Audit Trail with MCP metadata including tool name, arguments, user identity, and MCP client.
PrivacyCredentials & tokensDatadog also emits MCP usage metrics such as `datadog.mcp.session.starts` and `datadog.mcp.tool.usage`, tagged with values including user ID, user email, client name, and tool name.
PrivacyNetwork accessRemote Datadog MCP Server usage can include prompts, transitions to and from the Datadog login page, errors, user identifiers, and context leading to MCP tool usage; Datadog documents that this data is stored for 120 days.
PrivacyData retentionTool results can include production logs, traces, metric values, monitor states, dashboard names, notebook contents, incidents, service catalog metadata, host data, security findings, RUM events, team ownership, and operational timelines.
PrivacyPermissions & scopesClaude transcripts, Codex logs, IDE logs, screenshots, exported notebooks, support bundles, and incident summaries can retain Datadog-derived data outside Datadog's normal access controls and retention policies.
PrivacyLocal filesDatadog describes the MCP Server as HIPAA-eligible, but users remain responsible for confirming that any connected AI tool, client, workflow, and retention path meets their compliance requirements.
Safety notes
Treat Datadog MCP Server as a production observability and operations interface. It can expose live incidents, monitors, logs, metrics, traces, dashboards, notebooks, services, RUM events, hosts, SLOs, and security context to the connected assistant.
Datadog separates the main remote MCP Server from the narrower local Code Security MCP Server. Use this entry for Datadog telemetry and platform tools; use the Code Security MCP Server only when the task is explicitly local SAST, SCA, IaC, secrets, or SBOM scanning.
Enable the smallest useful toolsets first. Use `toolsets` and `omit_tools` to keep context, permissions, and accidental action surface smaller than `toolsets=all`.
Some tools can create or edit Datadog resources such as monitors and notebooks. Require human review for generated monitor definitions, alerting changes, incident updates, notebook edits, workflow actions, or any operation that could page a team or change production observability state.
Datadog documents MCP-specific RBAC permissions as well as normal underlying resource permissions. A user who can connect the MCP Server may still need separate read or write permissions for monitors, logs, APM, dashboards, notebooks, incidents, services, and other products.
The MCP Server has fair-use limits documented as 50 requests per 10 seconds for tool-call bursts and 50,000 monthly tool calls, and Datadog notes that those limits are subject to change.
Datadog states that the MCP Server is under significant development. Review the official docs and available tool list before relying on a remembered tool name, permission, limit, or behavior.
Privacy notes
Datadog says all MCP Server tool calls are recorded in Audit Trail with MCP metadata including tool name, arguments, user identity, and MCP client.
Datadog also emits MCP usage metrics such as `datadog.mcp.session.starts` and `datadog.mcp.tool.usage`, tagged with values including user ID, user email, client name, and tool name.
Remote Datadog MCP Server usage can include prompts, transitions to and from the Datadog login page, errors, user identifiers, and context leading to MCP tool usage; Datadog documents that this data is stored for 120 days.
Tool results can include production logs, traces, metric values, monitor states, dashboard names, notebook contents, incidents, service catalog metadata, host data, security findings, RUM events, team ownership, and operational timelines.
Claude transcripts, Codex logs, IDE logs, screenshots, exported notebooks, support bundles, and incident summaries can retain Datadog-derived data outside Datadog's normal access controls and retention policies.
Datadog describes the MCP Server as HIPAA-eligible, but users remain responsible for confirming that any connected AI tool, client, workflow, and retention path meets their compliance requirements.
Prerequisites
Datadog account on a supported commercial Datadog site; Datadog documents that the MCP Server is not GovCloud compatible.
MCP-capable client such as Claude, Claude Code, Codex, Cursor, Gemini CLI, Devin, Goose, OpenCode, VS Code, or another compatible client.
Correct regional Datadog MCP endpoint for the account's Datadog site.
OAuth access, or an approved API key and application key fallback when OAuth is not available.
Datadog user role permissions for MCP Server access plus the underlying resources each enabled tool can read or write.
Decision on which product toolsets to enable with the `toolsets` query parameter and which tools to exclude with `omit_tools`.
Organization approval for sending selected observability context, prompts, and MCP tool-call metadata through the connected AI client.
Datadog MCP Server is Datadog's official MCP interface for connecting AI
agents to Datadog observability and operations context. It lets MCP clients such
as Claude, Claude Code, Codex, Cursor, Gemini CLI, Devin, Goose, OpenCode, VS
Code, and custom agents query and work with Datadog data through documented MCP
tools.
Use it when the assistant needs current Datadog telemetry during debugging,
incident response, service review, alert triage, or production-readiness work.
Keep the scope tight: start with read-only investigation, enable only the
needed toolsets, and require human review before any assistant creates,
modifies, publishes, or escalates operational state.
Features
Official Datadog MCP Server documented under Datadog's MCP Server docs.
Remote MCP setup for clients that support HTTP transport and OAuth.
Recommended Datadog Connector path for Claude.
Recommended Datadog plugin path for Claude Code, with bundled skills and
Datadog slash commands.
Codex setup through ~/.codex/config.toml plus codex mcp login datadog.
Toolset selection through the toolsets query parameter.
Tool exclusion through the omit_tools query parameter.
Core tools for logs, metrics, traces, dashboards, monitors, incidents, hosts,
services, events, notebooks, RUM events, and service dependencies.
Product-specific toolsets for areas such as APM, LLM Observability, alerting,
RUM, dashboards, incidents, notebooks, cloud cost, and other Datadog product
surfaces as documented by Datadog.
Context controls such as response truncation and max_tokens parameters for
many tools.
Datadog Audit Trail events and MCP usage metrics for tracking tool calls.
Use Cases
Ask Claude to summarize active incidents, related monitors, recent deploy
events, service dependencies, and likely next read-only checks.
Investigate production errors by searching Datadog logs, traces, spans,
services, dashboards, and relevant metrics from one MCP client conversation.
Review an alert by pulling monitor context, metric history, service ownership,
and linked notebooks before proposing a change.
Use the APM and LLM Observability toolsets for focused service or model
workflow debugging without exposing every Datadog tool.
Generate a draft monitor or notebook section, then review it in Datadog before
publishing or using it in an incident.
Audit MCP usage through Datadog Audit Trail and MCP usage metrics after a
debugging session.
Installation
Claude
Datadog recommends installing the Datadog Connector from the Claude Connectors
Directory when it is available. Complete the OAuth flow and verify Datadog
permissions for the resources the assistant should access.
Claude Code
Datadog recommends the official Claude Code plugin when available:
/plugin install datadog@claude-plugins-official
For first-time setup, run /ddsetup or enter a Datadog-related prompt, then
select the Datadog site, complete OAuth, and use /ddtoolsets to enable or
disable product-specific tool groups.
If the plugin is not available, add the remote MCP endpoint directly:
claude mcp add --transport http datadog-mcp <YOUR_MCP_SERVER_ENDPOINT>
Codex
Add the Datadog endpoint for the account's regional Datadog site to Codex:
Use Datadog MCP to list active incidents, related alerting monitors, recent deployment events, and affected services. Do not make changes.
Scope toolsets before debugging
Show which Datadog MCP tools are enabled in this client and what each can read or change before calling any production-impacting tool.
Review observability coverage
Use Datadog MCP to review monitor and SLO coverage for service:checkout. Summarize gaps and propose draft monitor changes without publishing them.
Audit tool usage
Find Datadog Audit Trail entries for MCP Server tool calls from the last debugging session and group them by user, client, and tool name.
Source Notes
Datadog's MCP Server overview describes the server as a bridge between
Datadog observability data and AI agents that support MCP.
Datadog's AI-agent note says this is the main Datadog MCP Server for most
setup questions and distinguishes it from the local Code Security MCP Server.
Datadog setup docs describe Claude Connector, Claude Code plugin, direct
Claude Code HTTP setup, Codex config, OAuth, API/application key fallback,
role permissions, toolsets, and omit_tools.
Datadog tools docs list core tools for events, incidents, metrics, monitors,
traces, dashboards, notebooks, hosts, services, logs, RUM events, and related
product-specific toolsets.
Datadog documents MCP Audit Trail records, MCP usage metrics, fair-use rate
limits, HIPAA eligibility, no GovCloud compatibility, and 120-day retention
for certain remote MCP usage data.
Duplicate Check
Checked current upstream/main, open PR titles, open PR changed files, source
URLs, and content files for Datadog MCP, datadog-mcp-server,
docs.datadoghq.com/mcp_server, mcp.datadoghq, datadog.mcp, and
Datadog Code Security MCP overlap. Existing content mentions Datadog only as an
example integration in broad observability or security entries; there is no
dedicated Datadog MCP Server entry, source URL duplicate, or open content PR
for this server.
Editorial Disclosure
Datadog is a commercial observability and security platform, but this listing
is not sponsored, paid, affiliate-backed, or submitted by Datadog. Use
Datadog's current documentation, account permissions, regional site selector,
privacy terms, and compliance requirements as the source of truth before
connecting production data to any AI client.
Show that Datadog MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.
[](https://heyclau.de/entry/mcp/datadog-mcp-server)
How it compares
Datadog MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.
2 trust signals differ across this comparison (Source provenance, Submitter).
Official Datadog MCP Server for connecting Claude, Codex, Cursor, and other MCP clients to Datadog observability, incidents, logs, metrics, traces, dashboards, monitors, notebooks, services, and security signals.
Official New Relic AI MCP Server for connecting Claude, Codex, VS Code, Windsurf, Gemini CLI, and other MCP clients to New Relic observability data, NRQL, alerts, incidents, entities, logs, performance analysis, and deployment impact context.
AnomalyArmor armor-mcp stdio server with 52 consolidated data observability tools for alerts, freshness, schema drift, quality metrics, lineage, and AI recommendations.
Official AWS Labs MCP server that gives troubleshooting agents task-oriented access to Amazon CloudWatch metrics, alarms, logs, and PromQL queries for AI-assisted root-cause analysis and remediation recommendations.
✓Treat Datadog MCP Server as a production observability and operations interface. It can expose live incidents, monitors, logs, metrics, traces, dashboards, notebooks, services, RUM events, hosts, SLOs, and security context to the connected assistant.
Datadog separates the main remote MCP Server from the narrower local Code Security MCP Server. Use this entry for Datadog telemetry and platform tools; use the Code Security MCP Server only when the task is explicitly local SAST, SCA, IaC, secrets, or SBOM scanning.
Enable the smallest useful toolsets first. Use `toolsets` and `omit_tools` to keep context, permissions, and accidental action surface smaller than `toolsets=all`.
Some tools can create or edit Datadog resources such as monitors and notebooks. Require human review for generated monitor definitions, alerting changes, incident updates, notebook edits, workflow actions, or any operation that could page a team or change production observability state.
Datadog documents MCP-specific RBAC permissions as well as normal underlying resource permissions. A user who can connect the MCP Server may still need separate read or write permissions for monitors, logs, APM, dashboards, notebooks, incidents, services, and other products.
The MCP Server has fair-use limits documented as 50 requests per 10 seconds for tool-call bursts and 50,000 monthly tool calls, and Datadog notes that those limits are subject to change.
Datadog states that the MCP Server is under significant development. Review the official docs and available tool list before relying on a remembered tool name, permission, limit, or behavior.
✓New Relic documents the MCP Server as a preview feature. Re-check the official overview, setup guide, and tool reference before relying on a remembered endpoint, role requirement, authentication flow, tool tag, or tool name.
New Relic warns that using AI tools with its MCP servers means the AI can take action on the user's behalf. Use a least-privilege New Relic account and keep assistant work read-only unless a human has explicitly approved the operation.
Tool calls are governed by the permissions of the configured New Relic user API key or OAuth profile. RBAC failures are safer than over-broad access; do not use admin-like credentials just to make the assistant easier to use.
The tool reference includes NRQL execution, natural-language-to-NRQL, alert and incident queries, entity discovery, dashboard access, logs, and deployment impact analysis. Treat generated queries and summaries as drafts until an operator checks the account, time window, filters, and service.
Use `include-tags` to reduce the tool corpus when the task is narrow. For example, an alert triage session may only need `discovery,alerting` rather than every data-access, incident-response, performance, and advanced analysis tool.
Do not commit API keys, OAuth tokens, `mcp.json`, Claude Desktop configs, Codex configs, or copied New Relic headers that contain real credentials.
✓Tools can create alert rules, freshness schedules, metrics, and monitoring configurations.
manage_asset and related tools may trigger discovery jobs on production sources.
Alert acknowledgement and resolution changes operational state.
Review AI recommendations before applying automated monitoring at scale.
✓This server reads CloudWatch telemetry from your AWS account; scope the AWS credentials/profile to read-only CloudWatch access and the intended accounts and regions.
It is designed for observability and troubleshooting (metrics, alarms, logs, PromQL) and does not modify resources, but it can issue many CloudWatch read APIs that may incur AWS request costs.
Run it only on a trusted host, since it uses the local machine's AWS credentials to reach your account.
Some PromQL tooling is region-limited and may require enabling OTel enrichment (`aws cloudwatch start-otel-enrichment`); review the server docs before relying on it.
Privacy notes
✓Datadog says all MCP Server tool calls are recorded in Audit Trail with MCP metadata including tool name, arguments, user identity, and MCP client.
Datadog also emits MCP usage metrics such as `datadog.mcp.session.starts` and `datadog.mcp.tool.usage`, tagged with values including user ID, user email, client name, and tool name.
Remote Datadog MCP Server usage can include prompts, transitions to and from the Datadog login page, errors, user identifiers, and context leading to MCP tool usage; Datadog documents that this data is stored for 120 days.
Tool results can include production logs, traces, metric values, monitor states, dashboard names, notebook contents, incidents, service catalog metadata, host data, security findings, RUM events, team ownership, and operational timelines.
Claude transcripts, Codex logs, IDE logs, screenshots, exported notebooks, support bundles, and incident summaries can retain Datadog-derived data outside Datadog's normal access controls and retention policies.
Datadog describes the MCP Server as HIPAA-eligible, but users remain responsible for confirming that any connected AI tool, client, workflow, and retention path meets their compliance requirements.
✓Tool results can expose New Relic account IDs, entity GUIDs, dashboard names, alert policy details, issue and incident state, NRQL query text, NRDB results, logs, error groups, change events, deployment markers, service names, tags, thread metrics, Kafka metrics, and other production observability data.
Natural-language prompts can be converted into NRQL and executed against New Relic data. Review prompts, generated queries, and query results before pasting them into tickets, chat systems, public issues, or vendor support threads.
Claude, Codex, IDE transcripts, MCP client logs, screenshots, exported incident reports, and shell history may retain New Relic-derived context outside New Relic's normal access controls.
OAuth tokens and user API keys connect the assistant to a real New Relic identity. Rotate exposed keys, remove stale client configs, and audit account membership when a project or teammate no longer needs access.
✓Table names, schema metadata, alert details, and sample metrics are sent to AnomalyArmor.
Natural language `ask_question` queries may expose internal data catalog context to the LLM.
API keys grant access until revoked in AnomalyArmor settings.
✓Metric values, alarm states and history, log group contents, namespaces, dimensions, ARNs, and account/region metadata can be returned through tool calls and exposed to the model.
Queries and time ranges you ask about are sent to the CloudWatch APIs using your configured credentials; keep account identifiers and credentials out of public prompts, issues, and screenshots.
Prerequisites
Datadog account on a supported commercial Datadog site; Datadog documents that the MCP Server is not GovCloud compatible.
MCP-capable client such as Claude, Claude Code, Codex, Cursor, Gemini CLI, Devin, Goose, OpenCode, VS Code, or another compatible client.
Correct regional Datadog MCP endpoint for the account's Datadog site.
OAuth access, or an approved API key and application key fallback when OAuth is not available.
New Relic account with API access and the New Relic AI MCP Server public preview enabled.
New Relic group membership with an organizational role documented for MCP access, such as Organization Read Only, Organization Manager, or Organization Product Admin.
OAuth authentication, or a New Relic user API key approved for the target account and stored outside committed project files.
MCP-capable client such as Claude Code, Claude Desktop, Codex CLI, VS Code, Windsurf, Gemini CLI, or another compatible environment.
AnomalyArmor account with an API key from Settings → API Keys.
Python uv/uvx available on the host running the MCP client.
Connected data sources already onboarded in AnomalyArmor.
Claude Code, Cursor, or another MCP client with stdio transport.
An AWS account with CloudWatch telemetry (metrics, alarms, and/or logs).
Python 3.10 or newer and `uv` / `uvx` installed (Astral) to run the package.
AWS credentials configured locally (for example via `aws configure` or `AWS_PROFILE`) with read access to the CloudWatch APIs you intend to use.
An MCP client that supports stdio servers; the server runs locally on the same host as the client.
Install
claude mcp add --transport http datadog-mcp <YOUR_MCP_SERVER_ENDPOINT>
claude mcp add newrelic --transport http https://mcp.newrelic.com/mcp/