The Datadog MCP server gives AI agents direct access to your Datadog platform — logs, metrics, traces, dashboards, monitors, incidents, hosts, services, events, notebooks, and more. Everything your team sees in the Datadog web UI, your agent can now query programmatically.

It’s official. Datadog builds and maintains it at datadog-labs/mcp-server. The GitHub repo is minimal (7 stars, 11 commits, 3 contributors, MIT license) because Datadog hosts the server itself — there’s nothing to install, fork, or self-host. The MCP server is generally available as of March 2026, having graduated from preview status.

This is the third observability MCP server we’ve reviewed after Sentry (4/5) and Grafana (4/5). Where Sentry is deep and narrow (error tracking) and Grafana is open-source and multi-vendor, Datadog is the enterprise full-stack play. It covers more operational surface than any other observability MCP server — and it’s the only one with toolsets for LLM observability, feature flags, database monitoring, and synthetic testing.

What It Does

The server exposes 50+ tools organized into modular toolsets — capability groups you enable or disable via the ?toolsets= query parameter. This is Datadog’s answer to context window management: don’t load tools you don’t need.

Core Toolset (enabled by default)

  • get_logs — search logs with SQL queries, filter by facets and time ranges
  • list_spans — investigate spans relevant to queries
  • get_trace — retrieve all spans from a specific trace
  • list_metrics — discover available metrics
  • get_metrics — query timeseries metrics data
  • get_monitors — retrieve monitors and their configurations
  • list_incidents — retrieve ongoing incidents
  • get_incident — get specific incident details (timeline, responders)
  • list_dashboards — discover available dashboards
  • list_hosts — detailed host information
  • search_datadog_docs — RAG-powered documentation lookup

Alerting Toolset (opt-in)

  • Validate monitor configurations, search monitor groups, retrieve monitor templates

APM Toolset (opt-in)

  • In-depth trace analysis, span search, Watchdog insights, performance investigation

Database Monitoring Toolset (opt-in)

  • Query database performance data, slow queries, explain plans

Error Tracking Toolset (opt-in)

  • Access grouped errors, stack traces, and error trends

Feature Flags Toolset (opt-in)

  • Manage and query feature flag states — useful for incident correlation

LLM Observability Toolset (opt-in)

  • Search and analyze LLM spans and experiments — monitor your AI agents’ performance from inside another AI agent

Product Analytics Toolset (opt-in)

  • Query product analytics and RUM (Real User Monitoring) data

Networks Toolset (opt-in)

  • Network performance monitoring and flow data

Security Toolset (opt-in)

  • Security signals, findings, and compliance data

Software Delivery Toolset (opt-in)

  • CI/CD pipeline data, deployment tracking

Synthetics Toolset (opt-in)

  • Synthetic test results and configurations

That’s 10+ toolsets beyond the core, each adding specialized capabilities. The modular design means a debugging-focused agent can load just core + APM + error-tracking, while an SRE agent might load core + alerting + database monitoring + synthetics. You choose what fits the workflow.

Setup

Datadog’s setup is the simplest of any observability MCP server — there’s nothing to install:

For Claude Code:

claude mcp add --transport http datadog https://mcp.datadoghq.com/api/unstable/mcp-server/mcp

Via .mcp.json:

{
  "mcpServers": {
    "datadog": {
      "type": "http",
      "url": "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp",
      "headers": {
        "DD-API-KEY": "<your-api-key>",
        "DD-APPLICATION-KEY": "<your-application-key>"
      }
    }
  }
}

To enable specific toolsets, append them to the URL:

https://mcp.datadoghq.com/api/unstable/mcp-server/mcp?toolsets=core,apm,alerting

Regional endpoints:

Region URL
US1 (default) mcp.datadoghq.com
US3 mcp.us3.datadoghq.com
EU1 mcp.datadoghq.eu
AP1/AP2 Region-specific variants

The server uses Streamable HTTP transport exclusively — no stdio, no local process. Authentication supports OAuth 2.0 for interactive flows and API key + application key via HTTP headers for server-to-server or headless setups.

The server works with Claude Code, Cursor, OpenAI Codex, GitHub Copilot, VS Code, Goose, Cognition, and Kiro.

What’s Good

The broadest observability tool surface in the MCP ecosystem. No other single MCP server covers logs, metrics, traces, APM, alerting, database monitoring, error tracking, feature flags, LLM observability, product analytics, networks, security, software delivery, and synthetic testing. Grafana MCP (40+ tools) is comprehensive for open-source stacks, but Datadog’s 50+ tools across 10+ toolsets cover operational surface that no other server touches — particularly LLM observability, feature flags, and synthetics.

Agent-native tool design, not an API wrapper. Datadog’s engineering blog details how they rethought tool design specifically for agents. Key decisions: CSV output instead of JSON (50% fewer tokens for tabular data), field trimming to remove unused data, and token-budget pagination — the server cuts off responses after a configurable token budget and returns a cursor for more, instead of paginating by record count. This prevents the “one huge log eats the entire context window” problem that plagues other observability servers. They also support SQL-like queries against logs (SELECT service, COUNT(*) FROM logs WHERE status='error' GROUP BY service), achieving 40% cost reduction in evaluation scenarios compared to raw log retrieval.

Modular toolsets prevent context window waste. Like Grafana’s --disable-<category> flags, Datadog’s toolset system lets you load only the capabilities your agent needs. But Datadog takes it further: toolsets are URL-parameterized (?toolsets=core,apm), meaning you can have multiple MCP server configurations — one for debugging, one for incident response, one for performance analysis — all pointing to the same server with different toolset combinations.

Zero-install remote hosting. While Grafana requires you to run the MCP server yourself and Sentry hosts at mcp.sentry.dev, Datadog provides managed endpoints across multiple regions. There’s no process to keep running, no Docker container to manage, no version to update. The server is always the latest version because Datadog maintains it.

Actionable error messages. When an agent writes a bad query (e.g., misspelling a field name), the server returns suggestions: “unknown field ‘stauts’ — did you mean ‘status’?” This kind of agent-aware error handling reduces retry loops and wasted tool calls. Server instructions also guide agents to documentation when they’re uncertain about query syntax.

RBAC-aware security. The server inherits your existing Datadog RBAC controls — agents can only access what the authenticated user or service account can access. This means you don’t need to build a separate permission model for AI access. It also supports HIPAA-compliant environments, which is rare for MCP servers.

GA status. Most observability MCP servers are in preview, beta, or pre-1.0. Datadog’s is generally available, meaning it’s covered by Datadog’s standard support and SLA commitments. For enterprise teams evaluating MCP servers, GA status matters.

What’s Not

API key authentication by default. While OAuth 2.0 is available for interactive flows, most setups use DD-API-KEY and DD-APPLICATION-KEY headers. These are organization-level and user-level credentials respectively — more powerful than Sentry’s scoped OAuth tokens. If an agent config file is compromised, the attacker gets broad Datadog API access. Sentry’s browser-based OAuth flow is more secure by design.

Datadog’s pricing is the real barrier. The MCP server itself doesn’t cost extra, but it requires an existing Datadog subscription. Datadog’s pricing is notoriously complex — per-host infrastructure monitoring ($15-23/host/mo), per-million log events ($0.10/million), APM with trace retention pricing, and each product adds another line item. There’s a 14-day free trial, but no permanent free tier that covers enough for meaningful MCP use. Compare this to Sentry (free 10K events/mo), New Relic (free 100GB/mo), or Grafana Cloud (free tier for core features).

Not GovCloud compatible. The Datadog MCP Server is explicitly not available for GovCloud environments. Government and defense teams using Datadog’s GovCloud offering cannot use the MCP server.

Closed source, no self-hosting option. The GitHub repo (7 stars) contains examples and documentation, not the server code. You cannot fork it, extend it, audit the code, or run it on your own infrastructure. For teams with strict data sovereignty requirements or those who want to customize tool behavior, this is a hard constraint. Grafana’s MCP server (Apache 2.0) is the opposite approach.

“Unstable” API path. The endpoint URL contains /api/unstable/ — Datadog’s signal that the API surface may change without notice. Despite GA status, the underlying MCP protocol integration is still evolving. Tool names, response formats, and toolset boundaries could shift between updates.

Requires anticipating toolset needs. You configure toolsets at connection time via URL parameters. If your agent encounters a scenario needing a toolset you didn’t enable (e.g., you loaded core but need APM trace analysis), you can’t dynamically add it mid-conversation. You need to disconnect and reconnect with the right toolsets. Grafana has the same limitation, but since Grafana runs locally, reconnecting is faster.

Incident timeline data missing. The incident tools can list and retrieve incidents, but the timeline data (the chronological record of actions taken during an incident) is not yet available. For incident post-mortems, this is a significant gap.

Community alternatives are fragmented. The most popular community Datadog MCP server (winor30/mcp-server-datadog, 139 stars, 20 tools) predates the official server and covers different ground — host muting, downtime scheduling, RUM analysis. If you need capabilities the official server doesn’t have (like muting hosts or scheduling downtimes), you’d need to run both, doubling your context window cost.

Alternatives

Sentry MCP Server (4/5) — if you need deep error tracking with AI root cause analysis (Seer), OAuth 2.0 authentication, and zero-install remote hosting. Sentry is narrower (errors only) but deeper in its niche. Use Sentry for debugging specific errors, Datadog for full-stack observability.

Grafana MCP Server (4/5) — the open-source alternative with 40+ tools, multi-vendor data source support (any Grafana backend), and self-hosting. If you want vendor independence, code auditability, or run a LGTM stack, Grafana is the natural choice. Datadog has more tools, but Grafana works with your existing infrastructure regardless of vendor.

winor30/mcp-server-datadog (139 stars) — the most popular community Datadog MCP server. 20 tools including host management (mute/unmute), downtime scheduling, and RUM analysis. TypeScript, Apache 2.0, stdio transport. Useful if you need capabilities the official server doesn’t cover or want a local/self-hosted option.

New Relic MCP Server — 35 tools with natural language to NRQL translation. More accessible pricing (100GB/mo free tier). Still in Public Preview.

Honeycomb MCP — event-based observability with high-cardinality debugging. A fundamentally different approach — better for distributed system investigations, weaker for traditional APM dashboarding.

Who Should Use This

Use the Datadog MCP server if:

  • You’re already on Datadog and want your agent to query logs, metrics, traces, and dashboards
  • You need the broadest operational context — LLM observability, feature flags, database monitoring, synthetics
  • You want zero-install setup with managed regional endpoints
  • You need GA status and enterprise support guarantees
  • You want agent-native tool design with token-budget pagination and SQL-like log queries

Skip it if:

  • You don’t have a Datadog subscription — the MCP server is free but the platform is not
  • You need open-source code auditability or self-hosting — Grafana is the choice
  • You’re in a GovCloud environment — not supported
  • You want OAuth-first security — Sentry and PagerDuty are better here
  • You need incident timeline data — not yet available
4 / 5 — The most feature-rich observability MCP server, purpose-built for enterprise teams already on Datadog
The Datadog MCP server is what happens when the largest commercial observability platform designs an MCP integration from the ground up — not wrapping their API, but rethinking tool design for AI agents. The token-budget pagination, CSV-over-JSON formatting, SQL-like log queries, and modular toolsets show a team that understands agent constraints. With 50+ tools across 10+ toolsets covering surface area no other server matches (LLM observability, feature flags, database monitoring, synthetics), it’s the most comprehensive observability MCP server available. The 4/5 rating reflects what’s genuinely best-in-class (broadest tool coverage, agent-native design, zero-install remote hosting, GA status, RBAC-aware security) balanced against real constraints (Datadog’s complex pricing as the true barrier to entry, API key auth by default, closed-source code, unstable API path, no GovCloud support, missing incident timeline data, and a community server ecosystem that covers gaps the official server doesn’t). For enterprise teams already paying for Datadog, this is the obvious integration. For everyone else, the platform cost — not the MCP server — is what keeps the door closed.