# Axiom MCP for AI Agents MCP

> Axiom manages observability and log data directly through your AI client. You can ingest raw logs (JSON, CSV) into structured datasets, run powerful Axiom Processing Language (APL) queries in real-time, and manage complex infrastructure components like monitors and dashboards using natural conversation.

## Overview
- **Category:** data-analytics
- **Price:** Free
- **Tags:** telemetry, log-analysis, real-time-monitoring, data-ingestion, apl-queries, cloud-observability

## Description

Connecting your Axiom account to any AI agent lets you handle log management and observability tasks right where you work. Instead of jumping between a terminal, a database UI, and a monitoring dashboard just to answer one question, you talk to your AI client. It handles the heavy lifting: ingesting massive amounts of raw data into structured datasets or running complex APL queries against live logs. You can manage everything from creating new monitors for alert checks to listing user details needed for auditing, all through simple prompts. If your current workflow involves manual data cleanup and stitching together information from separate monitoring tools, this MCP changes that. Vinkius hosts the Axiom connection, allowing you to access these powerful data controls instantly from any compatible client.

## Tools

### create_annotation
Adds a specific note or marker to an existing dashboard for context.

### create_dashboard
Builds a new visual dashboard to track multiple system metrics simultaneously.

### create_dataset
Establishes a new container in Axiom to hold and manage specific types of raw data.

### create_monitor
Sets up automated checks that constantly watch for performance dips or error conditions.

### create_notifier
Creates an alert system that sends notifications when a monitored metric crosses a defined threshold.

### delete_annotation
Removes annotations from dashboards once the temporary context is no longer needed.

### delete_dashboard
Deletes entire dashboards to keep your monitoring view clean and focused.

### delete_dataset
Permanently removes a dataset, freeing up storage space for telemetry data.

### delete_monitor
Turns off an automated monitor check when the service being tracked is decommissioned.

### delete_notifier
Removes an alert notification rule that was previously set up for a specific event type.

### get_annotation
Retrieves details about a single annotation using its unique ID number.

### get_dashboard
Fetches the configuration and metrics of an existing dashboard by its UID.

### get_dataset
Retrieves metadata and status for a specific dataset, confirming its existence and contents.

### get_monitor
Gets the current status and settings of a specific monitoring check.

### get_notifier
Retrieves details about an alert notifier rule based on its ID.

### get_org
Fetches organizational information, confirming tenancy boundaries for data access.

### get_user
Looks up a user's profile and associated details using their unique identifier.

### ingest_data
Loads raw JSON, NDJSON, or CSV content directly into an active Axiom dataset for analysis.

### list_annotations
Provides a list of all annotations currently defined across your monitored systems.

### list_dashboards
Shows a catalog of every dashboard you have created or are subscribed to view.

### list_datasets
Retrieves a complete list of all available datasets for log and metric storage.

### list_monitors
Lists all configured monitors, showing their status and the metrics they track.

### list_notifiers
Shows every active notification rule and its associated alert triggers.

### list_tokens
Displays a list of API tokens currently generated for security auditing purposes.

### list_users
Returns an inventory of all user accounts tied to the organization's tenancy.

### run_query
Executes complex, customized APL queries against your entire Axiom data corpus.

### update_annotation
Modifies the content or visibility settings of an existing annotation on a dashboard.

### update_dashboard
Applies changes to metrics, visualizations, or widgets within an established dashboard.

### update_dataset
Alters the schema or metadata associated with an already ingested dataset.

### update_monitor
Adjusts the parameters of a monitoring check, like changing its threshold value or frequency.

### update_notifier
Modifies the recipients or conditions for an existing alert notification rule.

## Prompt Examples

**Prompt:** 
```
List all my available datasets for production logs.
```

**Response:** 
```
**Datasets Found:**
*   `production-logs` (ID: ds_123) - Last updated 5 minutes ago. Contains raw JSON records.
*   `staging-metrics` (ID: ds_456) - Last updated 1 hour ago. Optimized for CSV queries.
*   `security-audit` (ID: ds_789) - Active monitoring dataset, requires elevated permissions.
```

**Prompt:** 
```
Count the number of authentication failures in the last four hours.
```

**Response:** 
```
Running APL query on `production-logs`...

Query executed: `['production-logs'] | where level == 'error' and message contains 'auth failure' | summarize count()`

**Result:** 78 authentication failures found in the last four hours. This is a 20% increase over the previous period.
```

**Prompt:** 
```
Create a new dashboard to track database connection pool utilization.
```

**Response:** 
```
**Dashboard 'DB Pool Health' Created.**

*   **Status:** Active
*   **Metrics:** Connection Count (Gauge), Utilization Percentage (Graph)
*   **Notes:** I've set the threshold warning at 85% and scheduled it to update every minute. Dashboard UID: dash_xyz123.
```

## Capabilities

### Running advanced log queries
Execute complex APL queries against your ingested datasets to count errors, identify trends, or filter logs based on specific criteria.

### Managing telemetry components
Create and delete critical infrastructure elements like monitors, dashboards, and notifiers that track system health and trigger alerts when thresholds are breached.

### Organizing raw data streams
Ingest various file types (JSON, CSV) into managed datasets or list existing ones to keep your infrastructure telemetry organized and ready for querying.

### Auditing user access details
Retrieve information about users, API tokens, and organization settings needed for security audits and access control management.

### Visualizing system performance
Create new dashboards or retrieve existing ones to visualize trends, track key metrics over time, and annotate significant events on the timeline.

## Use Cases

### Investigating an unexpected traffic spike
A user asks, 'What caused the latency dip last night?' The agent runs a targeted APL query against the production logs and returns a table showing the correlation between increased API calls and error rates.

### Setting up compliance monitoring for PII
A user commands, 'Create a monitor that alerts if any dataset contains unmasked PII.' The agent runs `create_monitor` and sets up the required notification rule to prevent leaks.

### Onboarding a new team member's access
A user asks, 'What tokens does Jane Doe have?' The agent retrieves her profile using `get_user` and then lists all active API tokens associated with her account for review.

### Debugging an intermittent production bug
The engineer prompts, 'Show me the logs related to trace ID XYZ.' The agent executes a query and presents the relevant log snippets and user details, immediately narrowing down the scope of the issue.

## Benefits

- Instead of manually checking logs, you tell your agent to run a query. It executes the complex APL command using `run_query` and delivers the results directly in the chat.
- You gain full oversight by managing all visibility components—from setting up new alerts with `create_monitor` to updating notification rules via `update_notifier`—all through conversation.
- Stop wasting time organizing data. You can ingest raw, messy files using `ingest_data` and immediately structure them into clean datasets ready for analysis.
- Auditing is faster: Use `list_users`, `get_user`, or `list_tokens` to instantly gather the access details needed for compliance checks without navigating complex admin portals.
- Visualizing trends gets easier. You can create new dashboards (`create_dashboard`) and annotate important events using `create_annotation`, keeping all context in one place.

## How It Works

The bottom line is: you talk to your AI client once; it handles the complex data operations with Axiom for you.

1. First, subscribe to this MCP and provide your Axiom API Token along with any required Organization ID.
2. Next, connect your preferred AI client (like Cursor or Claude) to the Vinkius catalog. The connection validates your credentials.
3. Finally, you simply ask your agent what you need—for instance, 'Show me all monitors checking latency'—and it executes the necessary commands using Axiom.

## Frequently Asked Questions

**How does Axiom MCP help me analyze my logs without writing complex code?**
Axiom MCP lets you query your logs conversationally. Instead of remembering APL syntax, you just ask the agent what you need to know—like 'show errors from last night'—and it runs the correct analysis for you.

**Can Axiom MCP manage my system alerts?**
Yes. You can use this MCP to create new monitors and notifiers instantly. You just tell your agent what threshold to watch (e.g., 'if CPU > 90%'), and it handles the setup so you get real-time alerts.

**What kind of data can I load into Axiom using this MCP?**
You can ingest various raw formats, including JSON, NDJSON, or CSV. This means you don't have to preprocess your logs; the agent loads and prepares them for querying right away.

**Does Axiom MCP help with user access control?**
It does. You can easily get information about users, list all API tokens, or view organization details using this MCP. This makes auditing security compliance much faster than manual checks.

**Is Axiom MCP suitable for data analysts working with large datasets?**
Absolutely. It provides powerful tools to ingest massive amounts of telemetry and gives you the ability to run complex processing language queries, turning raw logs into actionable metrics.