Skip to main content
mcpSource-backed

New Relic MCP Server for Claude

Official New Relic AI MCP Server for connecting Claude, Codex, VS Code, Windsurf, Gemini CLI, and other MCP clients to New Relic observability data, NRQL, alerts, incidents, entities, logs, performance analysis, and deployment impact context.

by New Relic · submitted by oktofeesh1·added 2026-06-04·
Review first review before installing

Open the source and read safety notes before installing.

Citation facts

Source-backed facts for citing this resource, derived directly from the registry — also available as plain text for AI assistants.

Source URLs
https://docs.newrelic.com/docs/agentic-ai/mcp/overview/, https://github.com/JSONbored/awesome-claude/blob/main/content/mcp/new-relic-mcp-server.mdx, https://newrelic.com/
Safety notes
New Relic documents the MCP Server as a preview feature. Re-check the official overview, setup guide, and tool reference before relying on a remembered endpoint, role requirement, authentication flow, tool tag, or tool name., New Relic warns that using AI tools with its MCP servers means the AI can take action on the user's behalf. Use a least-privilege New Relic account and keep assistant work read-only unless a human has explicitly approved the operation., Tool calls are governed by the permissions of the configured New Relic user API key or OAuth profile. RBAC failures are safer than over-broad access; do not use admin-like credentials just to make the assistant easier to use., The tool reference includes NRQL execution, natural-language-to-NRQL, alert and incident queries, entity discovery, dashboard access, logs, and deployment impact analysis. Treat generated queries and summaries as drafts until an operator checks the account, time window, filters, and service., Use `include-tags` to reduce the tool corpus when the task is narrow. For example, an alert triage session may only need `discovery,alerting` rather than every data-access, incident-response, performance, and advanced analysis tool., Do not commit API keys, OAuth tokens, `mcp.json`, Claude Desktop configs, Codex configs, or copied New Relic headers that contain real credentials.
Privacy notes
Tool results can expose New Relic account IDs, entity GUIDs, dashboard names, alert policy details, issue and incident state, NRQL query text, NRDB results, logs, error groups, change events, deployment markers, service names, tags, thread metrics, Kafka metrics, and other production observability data., Natural-language prompts can be converted into NRQL and executed against New Relic data. Review prompts, generated queries, and query results before pasting them into tickets, chat systems, public issues, or vendor support threads., Claude, Codex, IDE transcripts, MCP client logs, screenshots, exported incident reports, and shell history may retain New Relic-derived context outside New Relic's normal access controls., OAuth tokens and user API keys connect the assistant to a real New Relic identity. Rotate exposed keys, remove stale client configs, and audit account membership when a project or teammate no longer needs access.
Author
New Relic
Submitted by
oktofeesh1
Claim status
unclaimed
Last verified
2026-06-04

Decision playbook

Review trust signals before you adopt

Signals are present but mixed. Use the checklist below to confirm the source and operational safety for your environment.

Compare context
Selected

0

Current score

78

Baseline

Delta

No baseline selected

No major trust-signal divergence detected in the current selection.

Source and provenance checks

Complete

Confirm ownership and provenance before trusting install instructions.

  • Source link availableRequired

    Open the canonical repository and verify ownership.

    Done
  • Source provenance statusRequired

    Marked as source-backed.

    Done
  • Metadata reviewed

    Registry metadata indicates a reviewed listing.

    Done

Safety and privacy checks

Complete

Validate risk disclosures before installation or API wiring.

  • Safety notes presentRequired

    Review the listed safety guidance before running commands.

    Done
  • Privacy notes presentRequired

    Review data handling notes before connecting accounts or secrets.

    Done
  • Trust level risk gateRequired

    Trust level does not block evaluation.

    Done

Package and install checks

Needs review

Check package metadata and artifact integrity signals.

  • Install payload available

    Install or copy payload is available for review.

    Done
  • Package verification flag

    No package verification flag provided.

    Pending
  • Checksum metadata

    No checksum provided for downloaded artifact.

    Pending

Compare-driven decision checks

Needs review

Use compare context to validate trade-offs before adoption.

  • Compare tray has multiple entries

    Add at least one more entry to compare trust differences.

    Pending
  • Baseline comparison available

    No baseline peer selected yet.

    Pending
  • Diverging trust signals identified

    No major trust-signal divergence found.

    Pending

Setup at a glance

CLI install

Copy-ready — paste the snippet to get started.

15 minutes

Adoption plan

Balanced adoption plan

Current risk score 16/100. Use staged verification before broader rollout.

Risk 16

Pre-adoption checks

Validate source and review signals before any execution.

  • Confirm source provenanceRequired

    Source URL/provenance metadata is present.

    Done
  • Confirm metadata review state

    Listing has review metadata.

    Done
  • Verify install payload

    Install/config payload exists and can be inspected.

    Done

Security checks

Confirm safety, privacy, and package integrity signals.

  • Review safety notesRequired

    Safety notes are present.

    Done
  • Review privacy notesRequired

    Privacy notes are present.

    Done
  • Verify package integrity metadata

    No package verification/checksum metadata.

    Pending

Rollout

Adopt in controlled steps based on the selected plan.

  • Run in isolated sandbox firstRequired

    Use a constrained sandbox and observe behavior across multiple tasks.

    Pending
  • Roll out graduallyRequired

    Roll out to a small cohort before wider usage.

    Pending
  • Set monitoring and fallback

    Define rollback path and monitor errors after adoption.

    Pending

Evidence readiness

Evidence readiness matrix · balanced

Required evidence gates are covered (5/6 signals complete).

Risk 15

Source provenance

Present

Source repository/provenance is listed.

Required in this preset

Metadata review

Present

Review metadata is present.

Required in this preset

Safety notes

Present

Safety notes are present.

Required in this preset

Privacy notes

Present

Privacy notes are present.

Optional in this preset

Package integrity

Missing

Package integrity metadata is missing.

Optional in this preset

Install payload

Present

Install payload is available.

Required in this preset

Required evidence gates are covered for this preset.

Decision timeline

Decision timeline · balanced

5/6 steps complete with no blocking gaps for this preset.

Risk 14

triage

Confirm source provenanceRequired

Source/provenance metadata is available.

Done

triage

Check metadata review statusRequired

Review metadata is available.

Done

verify

Review safety notesRequired

Safety notes are available.

Done

verify

Review privacy notes

Privacy notes are available.

Done

verify

Validate package integrity metadata

Package integrity metadata is missing.

Pending

rollout

Verify install payload and commandsRequired

Install payload is available.

Done

No required blockers for this timeline preset.

Prerequisite readiness

Prerequisite readiness

6 prerequisites to line up before setup. Have accounts and credentials ready first.

0/6 ready
Account & credentials3Install & runtime1Permissions & scopes215 minutes

Safety & privacy surface

Safety & privacy surface

6 safety and 4 privacy notes across 5 risk areas. Review closely: credentials & tokens, permissions & scopes, third-party handling.

5 areas
  • SafetyPermissions & scopesNew Relic documents the MCP Server as a preview feature. Re-check the official overview, setup guide, and tool reference before relying on a remembered endpoint, role requirement, authentication flow, tool tag, or tool name.
  • SafetyGeneralNew Relic warns that using AI tools with its MCP servers means the AI can take action on the user's behalf. Use a least-privilege New Relic account and keep assistant work read-only unless a human has explicitly approved the operation.
  • SafetyCredentials & tokensTool calls are governed by the permissions of the configured New Relic user API key or OAuth profile. RBAC failures are safer than over-broad access; do not use admin-like credentials just to make the assistant easier to use.
  • SafetyData retentionThe tool reference includes NRQL execution, natural-language-to-NRQL, alert and incident queries, entity discovery, dashboard access, logs, and deployment impact analysis. Treat generated queries and summaries as drafts until an operator checks the account, time window, filters, and service.
  • SafetyCredentials & tokensUse `include-tags` to reduce the tool corpus when the task is narrow. For example, an alert triage session may only need `discovery,alerting` rather than every data-access, incident-response, performance, and advanced analysis tool.
  • SafetyCredentials & tokensDo not commit API keys, OAuth tokens, `mcp.json`, Claude Desktop configs, Codex configs, or copied New Relic headers that contain real credentials.
  • PrivacyData retentionTool results can expose New Relic account IDs, entity GUIDs, dashboard names, alert policy details, issue and incident state, NRQL query text, NRDB results, logs, error groups, change events, deployment markers, service names, tags, thread metrics, Kafka metrics, and other production observability data.
  • PrivacyThird-party handlingNatural-language prompts can be converted into NRQL and executed against New Relic data. Review prompts, generated queries, and query results before pasting them into tickets, chat systems, public issues, or vendor support threads.
  • PrivacyPermissions & scopesClaude, Codex, IDE transcripts, MCP client logs, screenshots, exported incident reports, and shell history may retain New Relic-derived context outside New Relic's normal access controls.
  • PrivacyCredentials & tokensOAuth tokens and user API keys connect the assistant to a real New Relic identity. Rotate exposed keys, remove stale client configs, and audit account membership when a project or teammate no longer needs access.

Safety notes

  • New Relic documents the MCP Server as a preview feature. Re-check the official overview, setup guide, and tool reference before relying on a remembered endpoint, role requirement, authentication flow, tool tag, or tool name.
  • New Relic warns that using AI tools with its MCP servers means the AI can take action on the user's behalf. Use a least-privilege New Relic account and keep assistant work read-only unless a human has explicitly approved the operation.
  • Tool calls are governed by the permissions of the configured New Relic user API key or OAuth profile. RBAC failures are safer than over-broad access; do not use admin-like credentials just to make the assistant easier to use.
  • The tool reference includes NRQL execution, natural-language-to-NRQL, alert and incident queries, entity discovery, dashboard access, logs, and deployment impact analysis. Treat generated queries and summaries as drafts until an operator checks the account, time window, filters, and service.
  • Use `include-tags` to reduce the tool corpus when the task is narrow. For example, an alert triage session may only need `discovery,alerting` rather than every data-access, incident-response, performance, and advanced analysis tool.
  • Do not commit API keys, OAuth tokens, `mcp.json`, Claude Desktop configs, Codex configs, or copied New Relic headers that contain real credentials.

Privacy notes

  • Tool results can expose New Relic account IDs, entity GUIDs, dashboard names, alert policy details, issue and incident state, NRQL query text, NRDB results, logs, error groups, change events, deployment markers, service names, tags, thread metrics, Kafka metrics, and other production observability data.
  • Natural-language prompts can be converted into NRQL and executed against New Relic data. Review prompts, generated queries, and query results before pasting them into tickets, chat systems, public issues, or vendor support threads.
  • Claude, Codex, IDE transcripts, MCP client logs, screenshots, exported incident reports, and shell history may retain New Relic-derived context outside New Relic's normal access controls.
  • OAuth tokens and user API keys connect the assistant to a real New Relic identity. Rotate exposed keys, remove stale client configs, and audit account membership when a project or teammate no longer needs access.

Prerequisites

  • New Relic account with API access and the New Relic AI MCP Server public preview enabled.
  • New Relic group membership with an organizational role documented for MCP access, such as Organization Read Only, Organization Manager, or Organization Product Admin.
  • OAuth authentication, or a New Relic user API key approved for the target account and stored outside committed project files.
  • MCP-capable client such as Claude Code, Claude Desktop, Codex CLI, VS Code, Windsurf, Gemini CLI, or another compatible environment.
  • Decision on which accounts, entities, alert policies, dashboards, logs, NRQL queries, and incident data the assistant is allowed to inspect.
  • Tool-scope plan using `include-tags` when the task only needs discovery, data-access, alerting, incident-response, performance-analytics, or advanced-analysis tools.

Schema details

Install type
cli
Troubleshooting
No
Collection metadata
Estimated setup
15 minutes
Difficulty
intermediate
Tool listing metadata
Full copyable content
{
  "mcpServers": {
    "newrelic": {
      "type": "http",
      "url": "https://mcp.newrelic.com/mcp/",
      "headers": {
        "include-tags": "discovery,alerting"
      }
    }
  }
}

About this resource

Content

New Relic MCP Server is New Relic's official Model Context Protocol bridge for giving AI development tools controlled access to New Relic observability context. It is useful when Claude, Codex, VS Code, Windsurf, Gemini CLI, or another MCP-capable client needs to inspect live telemetry, alerts, incidents, entities, dashboards, logs, or NRQL-backed analysis during debugging and operations work.

The fit is strongest for read-only investigation: entity discovery, alert triage, recent issue review, performance analysis, deployment impact review, and natural-language queries over New Relic data. Keep permissions narrow, use include-tags to limit the available tool categories, and require a human to review any query, report, or operational conclusion before it changes an incident response plan.

Features

  • Official New Relic AI MCP Server documented by New Relic.
  • Public preview setup flow with prerequisites, organizational role requirements, and preview enablement in New Relic.
  • Remote HTTP endpoint at https://mcp.newrelic.com/mcp/.
  • OAuth and user API key authentication options.
  • Claude Code setup with OAuth or API key authentication.
  • Codex CLI setup with OAuth command-line registration or config-based API key headers.
  • Claude Desktop setup through mcp-remote when OAuth is needed.
  • VS Code workspace setup through .vscode/mcp.json.
  • Tool filtering with the include-tags HTTP header.
  • Tool categories for discovery, data access, alerting, incident response, performance analytics, and advanced analysis.
  • New Relic RBAC enforcement based on the configured user API key or OAuth profile.

Use Cases

  • Ask Claude to list available New Relic accounts, entities, dashboards, and related entities before an incident review.
  • Pull recent alerts, open issues, alert policies, and synthetic monitor context for a service without leaving the coding assistant session.
  • Convert a plain-English performance question into an NRQL-backed analysis, then have an operator review the query and result before acting on it.
  • Analyze recent logs, golden metrics, transactions, Kafka metrics, garbage collection metrics, or thread metrics while debugging an application issue.
  • Review deployment impact and change events for an affected New Relic entity during release triage.
  • Generate a draft alert insight or user-impact summary for an incident handoff while preserving a clear source trail back to New Relic data.

Installation

Claude Code

For OAuth, add the remote MCP endpoint:

claude mcp add newrelic --transport http https://mcp.newrelic.com/mcp/

Start Claude Code, run /mcp, select the New Relic server, and complete the browser-based OAuth flow.

For API key authentication, use a New Relic user API key and keep the real key out of committed configuration:

claude mcp add newrelic https://mcp.newrelic.com/mcp/ --transport http --header "Api-Key: NRAK-YOUR-KEY-HERE"

Codex CLI

New Relic documents a config-based API key path for Codex:

[mcp_servers.new-relic]
url = "https://mcp.newrelic.com/mcp/"
env_http_headers = { "api-key" = "NEW_RELIC_API_KEY" }

For OAuth, New Relic documents the Codex command-line setup:

codex mcp add new-relic-mcp-server --url "https://mcp.newrelic.com/mcp/"

Then start Codex, run /mcp, and complete the authentication flow.

Claude Desktop

Claude Desktop can use mcp-remote for the New Relic remote MCP endpoint:

{
  "mcpServers": {
    "new-relic-mcp": {
      "command": "npx",
      "args": ["mcp-remote", "https://mcp.newrelic.com/mcp/"]
    }
  }
}

VS Code

Use a workspace .vscode/mcp.json file:

{
  "servers": {
    "new-relic-mcp": {
      "url": "https://mcp.newrelic.com/mcp/",
      "type": "http"
    }
  }
}

Add headers only when the workspace is private and the credential handling is approved.

Tool Scope

Use include-tags to narrow the tools exposed to the model:

{
  "servers": {
    "new-relic-mcp-server": {
      "url": "https://mcp.newrelic.com/mcp/",
      "type": "http",
      "headers": {
        "include-tags": "discovery,alerting"
      }
    }
  }
}

Useful starting scopes:

  • discovery: account, dashboard, entity, relationship, and entity-type discovery.
  • data-access: NRQL execution and natural-language-to-NRQL query workflows.
  • alerting: alert conditions, alert policies, recent issues, incidents, and synthetic monitors.
  • incident-response: deployment impact, alert insight reports, user-impact reports, error groups, and change events.
  • performance-analytics: logs, golden metrics, Kafka metrics, threads, transactions, garbage collection metrics, recent logs, and performance risk groups.
  • advanced-analysis: combined analysis workflows such as deployment impact, log analysis, alert insights, user impact, and natural-language NRQL.

Examples

Incident triage

Use New Relic MCP to list open issues, recent alerts, related entities, recent change events, and the most relevant dashboards for this service. Do not change anything.

NRQL review

Draft the NRQL query needed to compare request latency and error rate for the last 60 minutes. Show the query before executing it.

Deployment impact

Analyze deployment impact for this entity GUID over the last two hours and summarize evidence, time windows, and confidence. Keep this read-only.

Tool inventory

Before calling any New Relic tool, list which New Relic MCP tags and tool categories are available in this session.

Source Notes

  • New Relic's MCP overview describes the New Relic AI MCP Server as a centralized bridge for connecting supported AI development tools to New Relic observability context.
  • The overview documents the preview status, supported clients, prerequisites, required New Relic organizational roles, authentication options, and public preview enablement.
  • The setup guide documents Claude Code, Codex CLI, Claude Desktop, VS Code, Windsurf, and Gemini CLI setup paths.
  • The tool reference documents natural-language use, include-tags, RBAC enforcement, and tool categories for discovery, data access, alerting, incident response, performance analytics, and advanced analysis.
  • The documented MCP endpoint is https://mcp.newrelic.com/mcp/.

Duplicate Check

Before drafting this entry, the current upstream content tree and live open PRs were checked for New Relic, newrelic, new-relic-mcp-server, mcp.newrelic.com, docs.newrelic.com/docs/agentic-ai/mcp, and related title variants. Existing generic SRE and MCP setup entries only mention New Relic as an example observability product. Existing Datadog, Grafana, and Sentry MCP entries cover different observability providers. No dedicated New Relic MCP Server entry, New Relic MCP source URL duplicate, or open duplicate PR was found.

Editorial Disclosure

Submitted as a community MCP entry by oktofeesh1. This listing is based on New Relic's official MCP overview, setup guide, and tool reference, with no paid placement or affiliate relationship.

Source citations

Add this badge to your README

Show that New Relic MCP Server for Claude is listed on HeyClaude. Paste this Markdown into your README — it renders the badge and links back to this page.

Listed on HeyClaude
[![Listed on HeyClaude](https://heyclau.de/badge/mcp/new-relic-mcp-server.svg)](https://heyclau.de/entry/mcp/new-relic-mcp-server)

How it compares

New Relic MCP Server for Claude side by side with 3 alternatives on trust, install, platform support, and disclosed safety notes — all from reviewed registry metadata.

2 trust signals differ across this comparison (Source provenance, Submitter).

Field

Official New Relic AI MCP Server for connecting Claude, Codex, VS Code, Windsurf, Gemini CLI, and other MCP clients to New Relic observability data, NRQL, alerts, incidents, entities, logs, performance analysis, and deployment impact context.

Open dossier

Official Datadog MCP Server for connecting Claude, Codex, Cursor, and other MCP clients to Datadog observability, incidents, logs, metrics, traces, dashboards, monitors, notebooks, services, and security signals.

Open dossier

Apache-2.0 agentic proxy that can expose stdio, HTTP, SSE, and Streamable HTTP MCP servers through a managed gateway with federation, OAuth/JWT authentication, RBAC/CEL policy, CORS, TLS, observability, and Kubernetes Gateway API support.

Open dossier

AnomalyArmor armor-mcp stdio server with 52 consolidated data observability tools for alerts, freshness, schema drift, quality metrics, lineage, and AI recommendations.

Open dossier
Next steps
Trust
Review statusReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewedReviewedMaintainer reviewed
Package trustPackage not verifiedPackage not verifiedPackage not verifiedPackage not verified
Source provenanceDiffersSource-backedSource-backedSource-backedSubmission linkedSource submission
SubmitterDiffersoktofeesh1oktofeesh1oktofeesh1kiannidev
Install riskReview firstReview firstReview firstReview first
Notes Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓ Safety ✓ Privacy ✓
BrandDatadog logoDatadogagentgateway logoagentgateway
Categorymcpmcpmcpmcp
SourceSource-backedSource-backedSource-backedSource-backed
AuthorNew RelicDatadogagentgatewayAnomalyArmor
Added2026-06-042026-06-042026-06-062026-06-14
Platforms
Harness
Source repo
Safety notesNew Relic documents the MCP Server as a preview feature. Re-check the official overview, setup guide, and tool reference before relying on a remembered endpoint, role requirement, authentication flow, tool tag, or tool name. New Relic warns that using AI tools with its MCP servers means the AI can take action on the user's behalf. Use a least-privilege New Relic account and keep assistant work read-only unless a human has explicitly approved the operation. Tool calls are governed by the permissions of the configured New Relic user API key or OAuth profile. RBAC failures are safer than over-broad access; do not use admin-like credentials just to make the assistant easier to use. The tool reference includes NRQL execution, natural-language-to-NRQL, alert and incident queries, entity discovery, dashboard access, logs, and deployment impact analysis. Treat generated queries and summaries as drafts until an operator checks the account, time window, filters, and service. Use `include-tags` to reduce the tool corpus when the task is narrow. For example, an alert triage session may only need `discovery,alerting` rather than every data-access, incident-response, performance, and advanced analysis tool. Do not commit API keys, OAuth tokens, `mcp.json`, Claude Desktop configs, Codex configs, or copied New Relic headers that contain real credentials.Treat Datadog MCP Server as a production observability and operations interface. It can expose live incidents, monitors, logs, metrics, traces, dashboards, notebooks, services, RUM events, hosts, SLOs, and security context to the connected assistant. Datadog separates the main remote MCP Server from the narrower local Code Security MCP Server. Use this entry for Datadog telemetry and platform tools; use the Code Security MCP Server only when the task is explicitly local SAST, SCA, IaC, secrets, or SBOM scanning. Enable the smallest useful toolsets first. Use `toolsets` and `omit_tools` to keep context, permissions, and accidental action surface smaller than `toolsets=all`. Some tools can create or edit Datadog resources such as monitors and notebooks. Require human review for generated monitor definitions, alerting changes, incident updates, notebook edits, workflow actions, or any operation that could page a team or change production observability state. Datadog documents MCP-specific RBAC permissions as well as normal underlying resource permissions. A user who can connect the MCP Server may still need separate read or write permissions for monitors, logs, APM, dashboards, notebooks, incidents, services, and other products. The MCP Server has fair-use limits documented as 50 requests per 10 seconds for tool-call bursts and 50,000 monthly tool calls, and Datadog notes that those limits are subject to change. Datadog states that the MCP Server is under significant development. Review the official docs and available tool list before relying on a remembered tool name, permission, limit, or behavior.Agentgateway can aggregate and expose many downstream MCP targets through one endpoint; every target's permissions become part of the gateway surface. Stdio targets are spawned by the gateway process, so commands such as package runners or containers inherit the gateway host's trust boundary. Demo configs use permissive CORS and local authorization servers; lock down origins, headers, issuers, audiences, JWKS, and resource metadata before production use. CEL/RBAC policies can inspect MCP tool names, arguments, results, prompts, resources, request bodies, JWT claims, API keys, and backend metadata; test policies before relying on them. Remote MCP proxying, OAuth provider adaptation, Kubernetes routing, TLS termination, and guardrails are infrastructure changes that should go through normal security review.Tools can create alert rules, freshness schedules, metrics, and monitoring configurations. manage_asset and related tools may trigger discovery jobs on production sources. Alert acknowledgement and resolution changes operational state. Review AI recommendations before applying automated monitoring at scale.
Privacy notesTool results can expose New Relic account IDs, entity GUIDs, dashboard names, alert policy details, issue and incident state, NRQL query text, NRDB results, logs, error groups, change events, deployment markers, service names, tags, thread metrics, Kafka metrics, and other production observability data. Natural-language prompts can be converted into NRQL and executed against New Relic data. Review prompts, generated queries, and query results before pasting them into tickets, chat systems, public issues, or vendor support threads. Claude, Codex, IDE transcripts, MCP client logs, screenshots, exported incident reports, and shell history may retain New Relic-derived context outside New Relic's normal access controls. OAuth tokens and user API keys connect the assistant to a real New Relic identity. Rotate exposed keys, remove stale client configs, and audit account membership when a project or teammate no longer needs access.Datadog says all MCP Server tool calls are recorded in Audit Trail with MCP metadata including tool name, arguments, user identity, and MCP client. Datadog also emits MCP usage metrics such as `datadog.mcp.session.starts` and `datadog.mcp.tool.usage`, tagged with values including user ID, user email, client name, and tool name. Remote Datadog MCP Server usage can include prompts, transitions to and from the Datadog login page, errors, user identifiers, and context leading to MCP tool usage; Datadog documents that this data is stored for 120 days. Tool results can include production logs, traces, metric values, monitor states, dashboard names, notebook contents, incidents, service catalog metadata, host data, security findings, RUM events, team ownership, and operational timelines. Claude transcripts, Codex logs, IDE logs, screenshots, exported notebooks, support bundles, and incident summaries can retain Datadog-derived data outside Datadog's normal access controls and retention policies. Datadog describes the MCP Server as HIPAA-eligible, but users remain responsible for confirming that any connected AI tool, client, workflow, and retention path meets their compliance requirements.MCP requests, tool arguments, tool results, prompt names, resource names, session IDs, JWT/API-key claims, raw request/response bodies, logs, traces, and telemetry may pass through the gateway. CEL policy and observability features may buffer or inspect request and response bodies depending on configuration. OAuth/JWT metadata, bearer tokens, API keys, DCR secrets, Keycloak/Auth0/Okta settings, and upstream MCP credentials must be protected as secrets. Any data returned by downstream MCP tools can still be sent onward by the MCP client to the configured model provider.Table names, schema metadata, alert details, and sample metrics are sent to AnomalyArmor. Natural language `ask_question` queries may expose internal data catalog context to the LLM. API keys grant access until revoked in AnomalyArmor settings.
Prerequisites
  • New Relic account with API access and the New Relic AI MCP Server public preview enabled.
  • New Relic group membership with an organizational role documented for MCP access, such as Organization Read Only, Organization Manager, or Organization Product Admin.
  • OAuth authentication, or a New Relic user API key approved for the target account and stored outside committed project files.
  • MCP-capable client such as Claude Code, Claude Desktop, Codex CLI, VS Code, Windsurf, Gemini CLI, or another compatible environment.
  • Datadog account on a supported commercial Datadog site; Datadog documents that the MCP Server is not GovCloud compatible.
  • MCP-capable client such as Claude, Claude Code, Codex, Cursor, Gemini CLI, Devin, Goose, OpenCode, VS Code, or another compatible client.
  • Correct regional Datadog MCP endpoint for the account's Datadog site.
  • OAuth access, or an approved API key and application key fallback when OAuth is not available.
  • Agentgateway binary, container image, or source checkout from the upstream release/container/docs path.
  • At least one downstream MCP target, such as a stdio command, remote MCP server, SSE server, or Streamable HTTP server.
  • MCP client that can connect to the exposed Streamable HTTP or SSE route.
  • Auth, CORS, TLS, route, and policy configuration reviewed before shared or remote exposure.
  • AnomalyArmor account with an API key from Settings → API Keys.
  • Python uv/uvx available on the host running the MCP client.
  • Connected data sources already onboarded in AnomalyArmor.
  • Claude Code, Cursor, or another MCP client with stdio transport.
Install
claude mcp add newrelic --transport http https://mcp.newrelic.com/mcp/
claude mcp add --transport http datadog-mcp <YOUR_MCP_SERVER_ENDPOINT>
docker pull ghcr.io/agentgateway/agentgateway
claude mcp add armor -- uvx armor-mcp
Config
{
  "mcpServers": {
    "newrelic": {
      "type": "http",
      "url": "https://mcp.newrelic.com/mcp/",
      "headers": {
        "include-tags": "discovery,alerting"
      }
    }
  }
}
{
  "mcpServers": {
    "datadog": {
      "type": "http",
      "url": "<YOUR_MCP_SERVER_ENDPOINT>",
      "headers": {}
    }
  }
}
{
  "mcpServers": {
    "agentgateway": {
      "url": "LOCAL_AGENTGATEWAY_MCP_URL",
      "headers": {
        "Authorization": "Bearer AGENTGATEWAY_MCP_TOKEN"
      }
    }
  }
}
{
  "mcpServers": {
    "armor": {
      "command": "uvx",
      "args": ["armor-mcp"],
      "env": {
        "ARMOR_API_KEY": "aa_live_your_key_here"
      }
    }
  }
}
Citations
ClaimUnclaimedUnclaimedUnclaimedUnclaimed
Open 4 picks in the interactive comparison tool

Related guides

Signals

Loading live community signals…

More like this, weekly

A short, calm digest of reviewed Claude resources. Unsubscribe any time.