# Available Tools AWS Logs MCP provides several tools for interacting with AWS CloudWatch Logs and CloudTrail events. ## CloudWatch Logs ### cloudWatchLogGroups List available CloudWatch Log Groups with optional filtering. **Parameters:** | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `prefix` | string | No | Filter log groups by prefix | | `limit` | number | No | Maximum number of log groups to return (default: 50) | **Example:** ```json { "tool": "cloudWatchLogGroups", "params": { "prefix": "/aws/lambda/", "limit": 10 } } ``` **Response:** The response contains a list of log groups with details: ```json [ { "logGroupName": "/aws/lambda/my-function", "creationTime": "2023-01-15T12:30:45.000Z", "metricFilterCount": 0, "arn": "arn:aws:logs:us-east-1:123456789012:log-group:/aws/lambda/my-function:*", "storedBytes": 1234567 }, ... ] ``` ### cloudWatchLogs Retrieve logs from CloudWatch with various filtering options. **Parameters:** | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `logGroupName` | string | Yes | The name of the log group to query | | `logStreamName` | string | No | Specific log stream name | | `filterPattern` | string | No | Filter pattern to apply to logs | | `startTime` | string | No | Start time for log retrieval (ISO format or relative like -30m, -1h, -1d) | | `endTime` | string | No | End time for log retrieval (ISO format) | | `limit` | number | No | Maximum number of log events to return (default: 100) | **Example:** ```json { "tool": "cloudWatchLogs", "params": { "logGroupName": "/aws/lambda/my-function", "filterPattern": "ERROR", "startTime": "-1h", "limit": 50 } } ``` **Response:** The response contains formatted log events: ``` [2023-01-15T14:30:12.345Z] ERROR: Unable to connect to database [2023-01-15T14:35:22.678Z] ERROR: Timeout waiting for response from external API ``` ## CloudTrail Events ### cloudTrailEvents Retrieve events from CloudTrail with various filtering options. **Parameters:** | Parameter | Type | Required | Description | |-----------|------|----------|-------------| | `eventName` | string | No | Filter events by name (e.g., "CreateFunction", "InvokeFunction") | | `username` | string | No | Filter events by AWS username | | `resourceName` | string | No | Filter events by resource name | | `resourceType` | string | No | Filter events by resource type | | `startTime` | string | No | Start time for event retrieval (ISO format or relative like -30m, -1h, -1d) | | `endTime` | string | No | End time for event retrieval (ISO format) | | `limit` | number | No | Maximum number of events to return (default: 50) | **Example:** ```json { "tool": "cloudTrailEvents", "params": { "eventName": "CreateFunction", "startTime": "-1d", "limit": 25 } } ``` **Response:** The response contains formatted CloudTrail events: ```json [ { "eventTime": "2023-01-15T10:23:45.000Z", "eventName": "CreateFunction", "username": "admin", "resources": [ { "resourceType": "AWS::Lambda::Function", "resourceName": "my-new-function" } ], "eventSource": "lambda.amazonaws.com", "eventId": "abcdef12-3456-7890-abcd-ef1234567890", "readOnly": false }, ... ] ``` ## Testing Connections ### testAwsConnection Test AWS connectivity with current credentials. **Parameters:** None **Example:** ```json { "tool": "testAwsConnection", "params": {} } ``` **Response:** The response indicates whether the connection to AWS services was successful: ```json { "success": true, "message": "Successfully connected to AWS services", "details": { "identity": { "accountId": "123456789012", "arn": "arn:aws:sts::123456789012:assumed-role/MyRole/session-name" }, "services": [ { "name": "CloudWatchLogs", "status": "available" }, { "name": "CloudTrail", "status": "available" } ] } } ``` ## Error Handling All tools return standardized error responses when issues occur: ```json { "error": "ERROR_CODE", "message": "Human-readable error message", "timestamp": "2023-01-15T12:34:56.789Z", "service": "CloudWatchLogs", "operation": "listLogGroups" } ``` Common error codes include: - `VALIDATION_ERROR`: Invalid parameters - `AWS_SERVICE_ERROR`: AWS service-related errors - `AUTHENTICATION_ERROR`: AWS credential issues - `PERMISSION_ERROR`: Insufficient permissions - `INTERNAL_ERROR`: Server-side issues