Observability context
Query incidents, dashboards, hosts, services, notebooks, and event streams without leaving Claude Code.
←Back to Skill DirectorySuggest update
Observability MCP
Datadog MCP Server
The Datadog MCP Server connects Claude Code to live observability context inside Datadog. Instead of switching between dashboards, incident timelines, monitors, and traces by hand, you can let your agent query the data directly through MCP and keep the debugging loop inside one terminal session.
This guide focuses on the setup patterns that matter in practice: which authentication mode to choose, how toolsets keep context usage under control, what permissions are required, and which workflows justify adding Datadog to a Claude Code stack.
Security workflows
Use Datadog security toolsets for code scanning, findings search, and security investigations from the same agent session.
Context-efficient toolsets
Restrict the server to the toolsets you actually need so the model sees fewer irrelevant tools and wastes less context.
Auditability
Datadog records MCP tool calls in Audit Trail and emits MCP usage metrics, which matters for enterprise governance.
Setup Modes
How to Set Up Datadog MCP Server for Claude Code
Remote authentication
Use Datadog's HTTP MCP endpoint when your client handles remote OAuth cleanly. Keep toolsets explicit in the URL so Claude Code only sees the observability domains you actually want.
Local binary authentication
Install the Datadog CLI, run `datadog_mcp_cli login`, then wire Claude Code to the binary over stdio. This is the safer fallback when you want a more deterministic local setup.
Scoped key-based auth
For headless or server environments, Datadog documents passing `DD_API_KEY` and `DD_APPLICATION_KEY` headers. Use a tightly scoped service account, not a broad personal key.
Remote HTTP example
claude mcp add --transport http datadog-mcp "https://mcp.datadoghq.com/api/unstable/mcp-server/mcp?toolsets=core,apm"
Best default when OAuth works cleanly in your MCP client and you want the lightest Claude Code setup.
Local auth fallback
curl -sSL https://coterm.datadoghq.com/mcp-cli/install.sh | bash
datadog_mcp_cli login
{
"mcpServers": {
"datadog": {
"type": "stdio",
"command": "/Users/<USERNAME>/.local/bin/datadog_mcp_cli",
"args": [],
"env": {}
}
}
}Use this route when you want stdio predictability, local credential handling, or a safer fallback if remote auth behaves inconsistently.
Execution Brief
Use this page as a rollout checklist, not just reference text.
Tool Mapping Lens
Organize Tools by Workflow Phase
Catalog-oriented pages work best when users can map discovery, evaluation, and rollout in a clear path instead of reading an undifferentiated list.
- Define the job-to-be-done first
- Group tools by stage
- Prioritize by adoption friction
Actionable Utility Module
Skill Implementation Board
Use this board for Datadog MCP Server before rollout. Capture inputs, apply one decision rule, execute the checklist, and log outcome.
Input: Objective
Deliver one measurable improvement with datadog mcp server
Input: Baseline Window
20-30 minutes
Input: Fallback Window
8-12 minutes
| Decision Trigger | Action | Expected Output |
|---|---|---|
| Input: one workflow objective and release owner are defined | Run preview execution with fixed acceptance criteria. | Go or hold decision backed by repeatable evidence. |
| Input: output quality below baseline or retries increase | Limit scope, isolate root issue, and rerun controlled test. | One confirmed correction path before wider rollout. |
| Input: checks pass for two consecutive replay windows | Promote to broader traffic with fallback path active. | Stable rollout with low operational surprise. |
Execution Steps
- Record objective, owner, and stop condition.
- Execute one controlled preview run.
- Measure quality, latency, and correction burden.
- Promote only when pass criteria are stable.
Output Template
tool=datadog mcp server objective= preview_result=pass|fail primary_metric= next_step=rollout|patch|hold
What Is Datadog MCP Server?
Datadog MCP Server is Datadog's official bridge between the Datadog platform and MCP-compatible AI clients. In practice, it means Claude Code can inspect incidents, dashboards, monitors, hosts, notebooks, and security findings without forcing you to tab-hop into the Datadog UI for every question. This is especially valuable during debugging because the model can ground its reasoning in live telemetry instead of stale pasted snippets.
The real value is not just data access, but structured data access. Datadog exposes a growing set of tools with predictable arguments and toolsets, so the model can request exactly the observability context it needs. That makes Datadog MCP materially better than generic browser automation for repeat operational tasks such as incident triage, postmortem support, deployment verification, and monitor investigations.
Datadog also built the server with enterprise controls in mind. The docs highlight role-based MCP permissions, audit trail logging for tool calls, and standard metrics that track MCP sessions and tool usage. For teams adopting agent workflows in production environments, those controls are part of the product decision, not an afterthought.
How to Calculate Better Results with datadog mcp server
Start with the authentication mode. If your MCP client handles HTTP and OAuth cleanly, the remote Datadog MCP endpoint is the lightest path and avoids installing an extra local process first. If you need a more deterministic setup or want to stay on stdio, Datadog explicitly documents the local binary flow: install `datadog_mcp_cli`, run the login flow, then expose the server to Claude Code over stdio. For headless environments, Datadog also documents scoped API and application key auth.
Next, reduce the tool surface before you ever start asking the model to investigate incidents. Datadog supports toolsets such as `core`, `apm`, `security`, `synthetics`, and `software-delivery`. If you only need incident debugging and dashboard lookup, keep the server close to `core` instead of loading every available tool. That keeps the model focused and lowers the chance of irrelevant tool calls.
Finally, validate the connection with a smoke test. Datadog recommends testing with MCP Inspector or by listing tools in the client. In Claude Code, a good first run is asking for recent production incidents, monitor results for a service, or dashboard context for a failing dependency. If those work cleanly, you have a production-usable setup rather than just a nominal install.
Treat this page as a decision map. Build a shortlist fast, then run a focused second pass for security, ownership, and operational fit.
When a team keeps one shared selection rubric, tool adoption speeds up because evaluators stop debating criteria every time a new option appears.
Worked Examples
Example 1: Incident triage inside Claude Code
- On-call engineer connects Claude Code to Datadog MCP using the local binary setup.
- Claude searches recent incidents, fetches the active monitor context, and reviews related service events.
- Claude summarizes likely blast radius and suggests the next dashboards or traces to inspect.
Outcome: The engineer spends less time gathering breadcrumbs manually and more time deciding on mitigation.
Example 2: Security scan before shipping a fix
- Developer limits the MCP server to security-relevant toolsets.
- Claude runs a Datadog code security scan and reviews findings before a patch is merged.
- Claude highlights secrets exposure or high-risk code paths that need a second pass.
Outcome: The review loop becomes faster and more consistent because the model can call Datadog tools directly instead of relying on screenshots or exported findings.
Example 3: Post-deploy verification
- Team deploys a service and asks Claude to inspect Datadog events, monitors, and a target dashboard.
- Claude checks if alert volume changed, whether deployment events line up with spikes, and which hosts or services degraded.
- Claude turns the observations into a short deployment health summary for the release channel.
Outcome: Release verification becomes a repeatable MCP workflow instead of a manual dashboard sweep.
Frequently Asked Questions
What is the Datadog MCP Server?
The Datadog MCP Server is Datadog's official Model Context Protocol bridge for AI clients. It gives Claude Code, Codex, Cursor, and other MCP-compatible tools structured access to Datadog observability data such as incidents, dashboards, logs, metrics, traces, notebooks, and security scans.
Does Datadog MCP Server work with Claude Code?
Yes. Datadog documents agent CLI usage for Claude Code and Codex. For Claude Code, teams usually choose remote authentication when the OAuth flow works smoothly and fall back to the local Datadog MCP binary when remote authentication is unreliable.
What permissions are required for Datadog MCP Server?
Datadog states that users need MCP Read permission for read-only access and MCP Write permission when they need mutating actions. If you authenticate with API and application keys, use a scoped service account with only the minimum permissions required.
What is the difference between Datadog remote auth and local auth?
Remote authentication uses an HTTP MCP endpoint and usually signs the user in with OAuth. Local authentication installs the datadog_mcp_cli binary, runs a login flow locally, and exposes the server over stdio to your AI client. Local auth is recommended when remote auth is unreliable or when your client handles stdio more predictably.
What toolsets does Datadog MCP Server support?
Datadog supports multiple toolsets so you can keep the active tool surface small. The documented sets include core, alerting, apm, cases, dbm, error-tracking, feature-flags, llmobs, product-analytics, networks, onboarding, security, software-delivery, and synthetics.
How do I test Datadog MCP Server after setup?
Datadog recommends validating the connection with MCP Inspector or by listing tools in your MCP client. A clean smoke test is to connect, list tools, and ask for a simple read action such as searching recent incidents, dashboards, or monitors.
Missing a better tool match?
Send the exact workflow you are solving and we will prioritize a new comparison or rollout guide.